This page lists publicly disclosed CVE vulnerabilities affecting veeam veeam_backup_\&_replication (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-21708 | A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. | [email protected] | 9.9 | 1.09% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21671 | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | [email protected] | 9.1 | 1.33% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21670 | A vulnerability allowing a low-privileged user to extract saved SSH credentials. | [email protected] | 7.7 | 0.40% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21669 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | [email protected] | 9.9 | 1.17% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21668 | A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. | [email protected] | 8.8 | 0.51% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21667 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | [email protected] | 9.9 | 1.13% | 2026-03-12 | 2026-06-17 |
| CVE-2026-21666 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | [email protected] | 9.9 | 1.13% | 2026-03-12 | 2026-06-17 |
| CVE-2025-59470 | This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter. | [email protected] | 9.0 | 1.49% | 2026-01-08 | 2026-06-17 |
| CVE-2025-59469 | This vulnerability allows a Backup or Tape Operator to write files as root. | [email protected] | 9.0 | 0.61% | 2026-01-08 | 2026-06-17 |
| CVE-2025-59468 | This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter. | [email protected] | 9.0 | 1.14% | 2026-01-08 | 2026-06-17 |
| CVE-2025-55125 | This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file. | [email protected] | 7.8 | 0.80% | 2026-01-08 | 2026-06-17 |
| CVE-2025-48984 | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. | [email protected] | 8.8 | 0.92% | 2025-10-30 | 2026-06-17 |
| CVE-2025-48983 | A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user. | [email protected] | 9.9 | 0.76% | 2025-10-30 | 2026-06-17 |
| CVE-2025-24286 | A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code. | [email protected] | 7.2 | 10.67% | 2025-06-18 | 2026-06-17 |
| CVE-2025-23121 | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user | [email protected] | 8.8 | 11.61% | 2025-06-18 | 2026-06-17 |
| CVE-2025-23120 | A vulnerability allowing remote code execution (RCE) for domain users. | [email protected] | 8.8 | 18.34% | 2025-03-20 | 2026-06-17 |
| CVE-2024-45204 | A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities. | [email protected] | 4.3 | 0.35% | 2024-12-03 | 2026-06-17 |
| CVE-2024-42457 | A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to | [email protected] | 6.5 | 0.41% | 2024-12-03 | 2026-06-17 |
| CVE-2024-42456 | A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized access, enabling the user to call privileged methods and initiate critical services. The issue arises due to insufficient permission requirements on the method, allowing users with low privileges to perfo | [email protected] | 8.8 | 0.38% | 2024-12-03 | 2026-06-17 |
| CVE-2024-42455 | A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process. | [email protected] | 8.1 | 14.01% | 2024-12-03 | 2026-06-17 |