Skip to main content

Omnigen2 Rl EUVDEUVD-2026-12954

| CVE-2026-25873 CRITICAL
Deserialization of Untrusted Data (CWE-502)
2026-03-18 VulnCheck
9.3
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (VulnCheck) · only source for this CVE.

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

9
Source Code Evidence Fetched
Jul 14, 2026 - 16:30 vuln.today
Analysis Updated
Jul 14, 2026 - 16:30 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jul 14, 2026 - 16:22 vuln.today
cvss_changed
CVSS changed
Jul 14, 2026 - 16:22 NVD
9.8 (CRITICAL) 9.3 (CRITICAL)
PoC Detected
Mar 18, 2026 - 21:16 vuln.today
Public exploit code
EUVD ID Assigned
Mar 18, 2026 - 21:00 euvd
EUVD-2026-12954
Analysis Generated
Mar 18, 2026 - 21:00 vuln.today
Patch released
Mar 18, 2026 - 21:00 nvd
Patch available
CVE Published
Mar 18, 2026 - 20:47 nvd
CRITICAL 9.8

DescriptionCVE.org

OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code execution on the host system running the exposed service.

AnalysisAI

Remote code execution in the Beijing Academy of Artificial Intelligence (BAAI) OmniGen2-RL reward server lets unauthenticated attackers run arbitrary OS commands by POSTing a malicious pickle payload to the exposed HTTP endpoint. The reward_server.py and reward_proxy.py components call pickle.loads() directly on raw, attacker-controlled request bodies, so any network-reachable instance can be fully compromised. Publicly available exploit code exists (chocapikk.com write-up) and a vendor patch (PR #139) is available, though EPSS remains low at 0.13% and there is no public exploit identified as actively exploited.

Share

EUVD-2026-12954 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy