1 article
Veeam has patched CVE-2026-44963, a CVSS 9.4 remote code execution vulnerability in Veeam Backup & Replication that allows any domain user to execute arbitrary code on the Veeam backup server. The vulnerability exploits insufficient authorisation in the Veeam Backup Service API. Organisations using Veeam in Active Directory environments should apply the patch immediately.