Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3572 articles · 175809 vulns · 37/41 feeds (7d)
← Back to list
—
CVE-2026-44963KEVEXPLOITEDPATCHED
veeam · backup and replication

CVE-2026-44963: A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.

Description

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.

Affected Products

VendorProductVersions
veeambackup and replication0

References

  • https://www.veeam.com/kb4869

Related News (5 articles)

Tier C
VulDB34d ago
CVE-2026-44963 | Veeam Backup and Replication up to 12.3.1 deserialization (kb4869)
→ No new info (linked only)
Tier D
The Hacker News35d ago
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
→ No new info (linked only)
Tier D
BleepingComputer35d ago
New Veeam vulnerability exposes backup servers to RCE attacks
→ No new info (linked only)
Tier B
BSI Advisories35d ago
[NEU] [hoch] Veeam Backup & Replication: Schwachstelle ermöglicht Codeausführung
→ No new info (linked only)
Tier B
CERT-FR35d ago
Vulnérabilité dans Veeam Backup & Replication (09 juin 2026)
→ No new info (linked only)
CISA KEV✅ Yes
Actively exploited✅ Yes
Patch available
null
CWECWE-502
PublishedJun 9, 2026
Last enriched34d agov2
Tags
deserialization
Trending Score1
Source articles5
Independent5
Info Completeness8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

CRITICALPRE-CVE
Critical vulnerability in Veeam Software Appliance Updater Component
Trending: 30
CRITICALPRE-CVE
Critical vulnerability in Veeam Backup and Replication
Trending: 1
NONECVE-2026-32998EXP
CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.
NONECVE-2026-32997EXP
CVE-2026-32997: A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-base
MEDIUMCVE-2026-21709
CVE-2026-21709: A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 9, 2026
Added to CISA KEV
Jun 9, 2026
Discovered by ZDM
Jun 9, 2026
Updated: affectedVersions, severity, activelyExploited, patchAvailable, tags
Jun 10, 2026
Actively Exploited
Jun 10, 2026
Patch Available
Jun 10, 2026

Version History

v2
Last enriched 34d ago
v2Tier C34d ago

Updated affected versions to 12.3.1, changed severity to HIGH, marked as actively exploited, and added deserialization tag.

affectedVersionsseverityactivelyExploitedpatchAvailabletags
via VulDB
v134d ago

Initial creation