CVE Catalog

CVE-2026-21671

Critical
Published: Translated: NVD NIST

Summary

The vulnerability allows an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.

Risk Assessment

Organizations may face serious security threats as an attacker could exploit this vulnerability to remotely execute code on the system.

Recommendation

It is recommended to restrict access to the Backup Administrator role and to implement security patches provided by Veeam.

Original NVD description (English source)

A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS