Unrated severityNVD Advisory· Published Mar 18, 2026· Updated Mar 19, 2026

OmniGen2-RL Reward Server Unsafe Deserialization RCE

CVE-2026-25873

Description

OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code execution on the host system running the exposed service.

Affected products

Beijing Academy Of Artificial Intelligence (baai)/Omnigen2 Rlv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/VectorSpaceLab/OmniGen2/pull/139mitrepatch
chocapikk.com/posts/2026/omnigen2-pickle-rce/mitretechnical-descriptionexploit
www.vulncheck.com/advisories/omnigen2-rl-reward-server-unsafe-deserialization-rcemitrethird-party-advisory
arxiv.org/abs/2506.18871mitreproduct
github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd62200a6415c5/OmniGen2-RL/reward_server/reward_proxy.pymitrerelated
github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd62200a6415c5/OmniGen2-RL/reward_server/reward_proxy.pymitrerelated
github.com/VectorSpaceLab/OmniGen2/blob/3a13017e532f9f309a38bca571fd62200a6415c5/OmniGen2-RL/reward_server/reward_server.pymitrerelated

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000