CVE-2025-59468
Published 2026-01-08

CVE-2025-59468: This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.
Priority: P3 · 58 · critical · 9.1 CVSS 3.1
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS: 1.14% (62.6th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| veeam | backup_and_recovery | 13.0.0 – 13.0.0 | — |
| veeam | veeam_backup_replication | >= 13.0.0.4967 < 13.0.1.1071 | 13.0.1.1071 |
No detection rules found.
No public exploits indexed.
Bleepingcomputer
New Veeam vulnerabilities expose backup servers to RCE attacks
blogs_bleepingcomputer·2026-01-07·CVSS 7.8
CVE-2025-59470 [HIGH] New Veeam vulnerabilities expose backup servers to RCE attacks
By Sergiu Gatlan
Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability.
Tracked as CVE-2025-59470, this RCE security flaw affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds.
"This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter," Veeam explained in a Tuesday advisory.
However, the information technology company adjusted its rating to high severity because it can only be exploited by attackers with the Backup or Tape Operator roles.
"The Backup and Tape Operator roles are c
Wiz
CVE-2025-59468 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.0
CVE-2025-59468 [CRITICAL] CVE-2025-59468 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59468: Veeam Backup & Replication vulnerability analysis and mitigation
This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.
Source: NVD
| Field | Value |
|---|---|
| Score | 9.1 |
| Published | January 8, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.0 |
| Affected Technologies | Veeam Backup & Replication |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 30.8 |
| Exploitation Probability (EPSS) | 0.1 |
Affected packages and libraries
cpe:2.3:a:veeam:veeam_backup_\&_replication
Sources
Windows Severity CRITICAL Has Fix Added at: Jan 11, 2026
Windows Severity CRITICAL Has Fix Added at: Jan 18, 2026
Published: 2026-01-08