9 matches found
CVE-2026-25873
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
EUVD-2026-12954
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-25873
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-25873
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-25873 OmniGen2-RL Reward Server Unsafe Deserialization RCE
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-25873 OmniGen2-RL Reward Server Unsafe Deserialization RCE
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
CVE-2026-25873
The CVE-2026-25873 entry concerns OmniGen2-RL, specifically the reward-server component. The vulnerability is an unauthenticated remote code execution via insecure pickle deserialization of HTTP POST request bodies, enabling an attacker to execute arbitrary commands on the host running the expose...
PT-2026-26152
OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...
OmniGen2 代码问题漏洞
OmniGen2 is a model for command-driven image editing, open-sourced by VectorSpaceLab. OmniGen2 has a code vulnerability that stems from insecure pickle deserialization in the reward server component, which may lead to remote code execution...