Cyber Resilience

CVE-2025-61982

High

Published: 18 February 2026

Published
18 February 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0003 9.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-61982 is a high-severity Code Injection (CWE-94) vulnerability. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 9.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-61982 is an arbitrary code execution vulnerability in the Code Stream directive functionality of OpenCFD OpenFOAM version 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution when processed by the affected software. The vulnerability is classified under CWE-94 (Code Injection) and carries a CVSS v3.1 base score of 7.8.

Exploitation requires local access to the system (AV:L) with low attack complexity (AC:L), no privileges (PR:N), and user interaction (UI:R), such as opening or loading the malicious simulation file. An attacker who can provide the specially crafted file to a user can achieve arbitrary code execution with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), potentially compromising the entire system.

Mitigation details and additional technical analysis are provided in the Talos Intelligence vulnerability report TALOS-2025-2292, accessible at https://talosintelligence.com/vulnerability_reports/TALOS-2025-2292 and https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2292. The CVE was published on 2026-02-18.

EU & UK References

Vulnerability details

An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Direct mapping to user-assisted execution of arbitrary code via a specially crafted malicious simulation file.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-3476Shared CWE-94
CVE-2026-42214Shared CWE-94
CVE-2024-27856Shared CWE-94
CVE-2025-24243Shared CWE-94
CVE-2025-25944Shared CWE-94
CVE-2023-31044Shared CWE-94
CVE-2025-65715Shared CWE-94
CVE-2025-21187Shared CWE-94
CVE-2025-61732Shared CWE-94
CVE-2023-51313Shared CWE-94

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of the specific arbitrary code execution flaw in OpenFOAM's Code Stream directive via patching.

prevent

Mandates validation of inputs from specially crafted OpenFOAM simulation files to block code injection.

prevent

Provides memory protections such as DEP and ASLR to prevent execution of injected arbitrary code.

References