PatchSiren cyber security CVE debrief
CVE-2026-25873 Beijing Academy of Artificial Intelligence (BAAI) CVE debrief
CVE-2026-25873 is a critical unauthenticated remote code execution vulnerability in the reward server component of OmniGen2-RL. The vulnerability allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests, exploiting insecure pickle deserialization of request bodies. This vulnerability has a CVSS score of 9.3 and is considered critical. Affected organizations should prioritize patching to prevent potential remote code execution attacks.
- Vendor
- Beijing Academy of Artificial Intelligence (BAAI)
- Product
- OmniGen2-RL
- CVSS
- CRITICAL 9.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-03-18
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-03-18
- Advisory updated
- 2026-07-14
Who should care
Organizations using OmniGen2-RL, security teams, and vulnerability management teams should prioritize patching this vulnerability to prevent potential remote code execution attacks. Affected operators and platforms should review their inventory of affected systems and apply patches or mitigations as soon as possible.
Technical summary
The vulnerability exists in the reward server component of OmniGen2-RL, where insecure pickle deserialization of request bodies allows remote attackers to execute arbitrary commands. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. The vulnerability has a high impact on confidentiality, integrity, and availability.
Defensive priority
High priority should be given to patching this vulnerability due to its critical severity and potential impact on the organization. Security teams should review their inventory of affected systems and apply patches or mitigations as soon as possible. Compensating controls, such as input validation and sanitization, should be implemented to prevent similar attacks. Monitoring and incident response plans should also be reviewed and updated to address potential exploitation attempts. Asset inventory and vulnerability management teams should also be notified to ensure that affected systems are properly tracked and remediated. Rollback and change window procedures should be reviewed to ensure that patches can be applied quickly and with minimal disruption. Source tracking and monitoring should be implemented to detect potential exploitation attempts. The reward server component should be reviewed and restricted to limit exposure. Additional security controls, such as network segmentation and access controls, should be implemented to prevent lateral movement in case of a successful exploit. Regular vulnerability assessments and penetration testing should be conducted to identify and address potential weaknesses. The incident response plan should be updated to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for responding to potential exploitation attempts. The security team should also review and update their incident response plan to include procedures for the
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the insecure pickle deserialization vulnerability
- Review and restrict access to the reward server component to limit exposure
- Implement additional security controls, such as input validation and sanitization, to prevent similar attacks
- Monitor systems for suspicious activity and implement incident response plans
- Conduct regular vulnerability assessments and penetration testing to identify and address potential weaknesses
Evidence notes
The CVE record was published on 2026-03-18T21:16:25.220Z and has not been modified since then. The NVD entry is currently Awaiting Analysis. The vulnerability was disclosed by [email protected]. Evidence is limited, and defenders should verify the affected scope and severity with the vendor. No additional information is available on the exploitability or potential impact.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-03-18T21:16:25.220Z and has not been modified since then.