CVE-2026-25873:
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component, allowing attackers to execute arbitrary commands via malicious HTTP POST requests.
Score
A numerical rating that indicates how dangerous this vulnerability is.
Score: 9.8 (Critical)
- Published Date: Mar 18, 2026
- CISA KEV Date: *No Data*
- Industries Affected: 20
Exploitability
- Score: 3.9
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: NONE
- User Interaction: NONE
- Scope: UNCHANGED
Impact
- Score: 5.9
- Confidentiality Impact: HIGH
- Integrity Impact: HIGH
- Availability Impact: HIGH
Overview
The vulnerability in OmniGen2-RL's reward server component presents a critical security risk. Assigned CVE-2026-25873, this flaw allows unauthenticated remote attackers to execute arbitrary code on the target system. The vulnerability is classified as CWE-502, which pertains to deserialization of untrusted data. With a CVSS v3.1 base score of 9.8 and a CVSS v4.0 base score of 9.3, both rated as CRITICAL, this vulnerability requires immediate attention. The attack vector is network-based, with low complexity and no required privileges or user interaction, potentially resulting in high impacts on confidentiality, integrity, and availability of the affected system.
Remediation
While specific remediation steps are not provided in the CVE information, general best practices for addressing this type of vulnerability include:
1. Updating the OmniGen2-RL software to the latest version that addresses this vulnerability.
2. Implementing proper input validation and sanitization for all incoming data.
3. Avoiding the use of pickle for deserialization of untrusted data, instead opting for safer alternatives.
4. Applying the principle of least privilege to limit potential damage from successful exploits.
5. Monitoring systems for suspicious activities and implementing robust logging mechanisms.
6. Restricting network access to the reward server component where possible.
Users and administrators of OmniGen2-RL should consult the official documentation and security advisories for specific patching instructions and mitigation strategies.
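The following is an added illustration of remediation items 2 and 3 (input validation and replacing pickle with a safer format); it is example code written for this entry, not code from OmniGen2-RL, the fix in PR #139, or the referenced advisory. The request schema (`prompt` plus `image_ids`), the body-size limit and the function names are assumptions made for the example and do not describe the reward server's real wire format. It contrasts the CWE-502 anti-pattern of unpickling a request body with a JSON parser that enforces an explicit schema, and adds a cheap detection hook a defender can use for request logging or a WAF rule.

```python
"""Hardened request parsing for a reward-server-style HTTP endpoint (CWE-502 illustration)."""
import json
import pickle

MAX_BODY_BYTES = 1_000_000  # assumed upper bound for a single reward request


class RewardRequestError(ValueError):
    """Raised when a request body is rejected before any processing happens."""


def unsafe_parse(body: bytes):
    """The CWE-502 anti-pattern: unpickling bytes received over the network.

    pickle.loads executes code while reconstructing objects, so whoever can
    reach the endpoint controls what runs here. Shown only for contrast.
    """
    return pickle.loads(body)


def safe_parse(body: bytes, content_type: str) -> dict:
    """Parse a reward request as JSON and enforce an explicit (assumed) schema.

    JSON decoding never executes code, and the schema check rejects any
    key or type the server did not anticipate.
    """
    if content_type.split(";")[0].strip().lower() != "application/json":
        raise RewardRequestError("unsupported Content-Type")
    if len(body) > MAX_BODY_BYTES:
        raise RewardRequestError("body too large")
    try:
        data = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise RewardRequestError(f"malformed JSON: {exc}") from exc
    if not isinstance(data, dict):
        raise RewardRequestError("top-level value must be an object")
    # Assumed schema: the prompt text and the ids of generated images to score.
    expected_keys = {"prompt", "image_ids"}
    if set(data) != expected_keys:
        raise RewardRequestError(f"unexpected keys: {sorted(set(data) ^ expected_keys)}")
    if not isinstance(data["prompt"], str) or not data["prompt"]:
        raise RewardRequestError("prompt must be a non-empty string")
    if not isinstance(data["image_ids"], list) or not all(
        isinstance(i, str) for i in data["image_ids"]
    ):
        raise RewardRequestError("image_ids must be a list of strings")
    return data


def rejects(body: bytes, content_type: str) -> bool:
    """True if safe_parse refuses the body; convenient for tests and audits."""
    try:
        safe_parse(body, content_type)
    except RewardRequestError:
        return True
    return False


def is_pickle_stream(body: bytes) -> bool:
    """Detection hook: protocol 2-5 pickles begin with the PROTO opcode (0x80).

    Useful for enriching request logs or a blocking rule in front of the
    service; it complements, rather than replaces, the hardened parser.
    """
    return len(body) >= 2 and body[0] == 0x80 and 2 <= body[1] <= 5


if __name__ == "__main__":
    # Constructed sample inputs for a stand-alone run.
    good = json.dumps({"prompt": "a cat", "image_ids": ["img-1", "img-2"]}).encode()
    print("accepted:", safe_parse(good, "application/json"))
    pickled = pickle.dumps({"prompt": "a cat"})  # harmless dict, only to show rejection
    print("looks like a pickle:", is_pickle_stream(pickled))
    print("pickle body rejected:", rejects(pickled, "application/octet-stream"))
    print("wrong schema rejected:", rejects(b'{"prompt": 5}', "application/json"))
```

The server-side change is the important part: once the endpoint only decodes JSON and validates the result against a fixed schema, the class of bug behind CVE-2026-25873 cannot recur on that path, and `is_pickle_stream` gives operators a signal to alert on clients that still send serialized Python objects.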
References
- [1] "OmniGen2 Pickle RCE," Chocapikk, 2026. [Online]. Available: https://chocapikk.com/posts/2026/omnigen2-pickle-rce/
- [2] "OmniGen2 GitHub Repository - Reward Proxy," GitHub, 2026. [Online]. Available: https://github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd62200a6415c5/OmniGen2-RL/reward_server/reward_proxy.py#L208
- [3] "OmniGen2 GitHub Repository - Reward Server," GitHub, 2026. [Online]. Available: https://github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd62200a6415c5/OmniGen2-RL/reward_server/reward_server.py#L118
- [4] "OmniGen2 GitHub Pull Request #139," GitHub, 2026. [Online]. Available: https://github.com/VectorSpaceLab/OmniGen2/pull/139
- [5] "OmniGen2-RL Reward Server Unsafe Deserialization RCE," VulnCheck, 2026. [Online]. Available: https://www.vulncheck.com/advisories/omnigen2-rl-reward-server-unsafe-deserialization-rce
- [6] "Arxiv Paper on OmniGen2 Vulnerability," arXiv, 2026. [Online]. Available: https://arxiv.org/abs/2506.18871
Industries Affected
Below is a list of industries most commonly impacted or potentially at risk based on intelligence.