Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
CVE-2025-48983
CRITICAL CVSS 9.9
Find Similar
A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.
CVE-2026-21671
CRITICAL CVSS 9.1
Find Similar
A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords)
CVE-2026-44963
CRITICAL CVSS 9.4
Find Similar
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVE-2024-40711
CRITICAL CVSS 9.8 KEV
Find Similar
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
CVE-2026-21669
CRITICAL CVSS 9.9
Find Similar
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre-
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
CVE-2026-32998
CRITICAL CVSS 9.4
Find Similar
This vulnerability in Veeam Service Provider Console allows for remote code execution.
CVE-2026-21708
CRITICAL CVSS 9.9
Find Similar
A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Agent container. Exploiti
An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary com
A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate.
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially le
Page 1+ Next →