CVE-2026-21666

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication (affected versions not specified)

Description The software contains a flaw that allows an authenticated domain user to perform remote code execution (RCE) on the Backup Server. This could lead to compromise of backup infrastructure and potentially serve as a staging point for ransomware attacks. The issue involves errors in access control. It is estimated that a significant number of organizations may be affected. Exploitation of this issue allows an attacker to execute arbitrary code remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.