Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
CVE-2025-48983
CRITICAL CVSS 9.9
Find Similar
A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.
CVE-2026-44963
CRITICAL CVSS 9.4
Find Similar
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVE-2026-21669
CRITICAL CVSS 9.9
Find Similar
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
CVE-2026-21671
CRITICAL CVSS 9.1
Find Similar
A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
CVE-2025-55125
CRITICAL CVSS 9.8
Find Similar
This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file.
CVE-2025-59470
CRITICAL CVSS 9.0
Find Similar
This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.
CVE-2025-59468
CRITICAL CVSS 9.1
Find Similar
This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords)
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre-
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
CVE-2026-21708
CRITICAL CVSS 9.9
Find Similar
A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.
An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary com
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM
CVE-2026-32998
CRITICAL CVSS 9.4
Find Similar
This vulnerability in Veeam Service Provider Console allows for remote code execution.
Page 1+ Next →