—

CVE-2026-32998EXPLOITED

veeam · service provider console

CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.

Description

This vulnerability in Veeam Service Provider Console allows for remote code execution.

Affected Products

Vendor	Product	Versions
veeam	service provider console	9

References

https://www.veeam.com/kb4853

Related News (2 articles)

Tier C

VulDB12h ago

CVE-2026-32998 | Veeam Service Provider Console up to 9.2 parameters (kb4853)

→ No new info (linked only)

Tier B

CERT-FR17h ago

Multiples vulnérabilités dans les produits Veeam (28 mai 2026)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-233

PublishedMay 28, 2026

Last enriched5h agov3

Trending Score62

Source articles2

Independent2

Info Completeness8/14

Missing: cvss, epss, kev, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

Vulnerability Timeline

CVE Published

May 28, 2026

Discovered by ZDM

May 28, 2026

Updated: description, severity, affectedVersions, activelyExploited

May 28, 2026

Updated: affectedVersions, severity, exploitAvailable

May 28, 2026

Actively Exploited

May 28, 2026

Exploit Available

May 28, 2026

Version History

Last enriched 5h ago

v3Tier B5h ago

Updated affected versions to include 9.2.1.x and 9.2.1.33875, and changed severity to CRITICAL with exploit now available.

affectedVersionsseverityexploitAvailable

via CERT-FR

v2Tier C11h ago

Updated severity to HIGH, added affected version 9.2, and provided a more detailed description of the vulnerability.

descriptionseverityaffectedVersionsactivelyExploited

via VulDB

v111h ago

Initial creation

CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.

Description

Affected Products

References

Related News (2 articles)

Community Vote

Related CVEs (5)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History