Filtered by vendor Veeam
Subscriptions
Total
80 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21667 | 1 Veeam | 1 Backup And Replication | 2026-03-13 | 10 Critical |
| A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | ||||
| CVE-2026-21666 | 1 Veeam | 1 Backup And Replication | 2026-03-13 | 10 Critical |
| A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | ||||
| CVE-2026-21670 | 1 Veeam | 1 Backup And Replication | 2026-03-13 | 7.7 High |
| A vulnerability allowing a low-privileged user to extract saved SSH credentials. | ||||
| CVE-2026-21671 | 1 Veeam | 1 Software Appliance | 2026-03-13 | 9.1 Critical |
| A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | ||||
| CVE-2026-21669 | 1 Veeam | 1 Backup And Replication | 2026-03-13 | 10 Critical |
| A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | ||||
| CVE-2026-21668 | 1 Veeam | 1 Backup And Replication | 2026-03-13 | 8.8 High |
| A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. | ||||
| CVE-2026-21672 | 1 Veeam | 1 Backup And Recovery | 2026-03-13 | 8.8 High |
| A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers. | ||||
| CVE-2026-21708 | 1 Veeam | 1 Backup And Recovery | 2026-03-13 | 10 Critical |
| A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. | ||||
| CVE-2024-22021 | 1 Veeam | 3 Availability Orchestrator, Disaster Recovery Orchestrator, Recovery Orchestrator | 2026-03-02 | 4.3 Medium |
| Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to. | ||||
| CVE-2025-48984 | 1 Veeam | 2 Backup And Replication, Veeam Backup \& Replication | 2026-02-26 | 8.8 High |
| A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. | ||||
| CVE-2025-48982 | 2 Microsoft, Veeam | 4 Windows, Agent, Veeam and 1 more | 2026-02-26 | 7.8 High |
| This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file. | ||||
| CVE-2025-48983 | 1 Veeam | 2 Backup And Replication, Veeam Backup \& Replication | 2026-02-26 | 10 Critical |
| A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user. | ||||
| CVE-2025-59470 | 1 Veeam | 3 Backup, Veeam, Veeam Backup \& Replication | 2026-02-26 | 9 Critical |
| This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter. | ||||
| CVE-2025-59469 | 1 Veeam | 3 Backup, Veeam, Veeam Backup \& Replication | 2026-02-26 | 9 Critical |
| This vulnerability allows a Backup or Tape Operator to write files as root. | ||||
| CVE-2025-59468 | 1 Veeam | 3 Backup, Veeam, Veeam Backup \& Replication | 2026-02-26 | 9 Critical |
| This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter. | ||||
| CVE-2025-55125 | 1 Veeam | 3 Backup, Veeam, Veeam Backup \& Replication | 2026-01-12 | 7.8 High |
| This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file. | ||||
| CVE-2025-23082 | 1 Veeam | 1 Backup | 2025-11-18 | N/A |
| Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | ||||
| CVE-2023-27532 | 1 Veeam | 1 Veeam Backup \& Replication | 2025-11-03 | 7.5 High |
| Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. | ||||
| CVE-2022-26500 | 1 Veeam | 1 Veeam Backup \& Replication | 2025-11-03 | 8.8 High |
| Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. | ||||
| CVE-2022-26501 | 1 Veeam | 1 Veeam Backup \& Replication | 2025-11-03 | 9.8 Critical |
| Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). | ||||