How severe is CVE-2025-59470?

CVE-2025-59470 has a CVSS v3 score of 9 (CRITICAL).

CVE-2025-59470

Name: veeam_backup_\&_replication
Author: veeam

9.0CRITICAL

This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.

Published: 1/8/2026Updated: 1/14/2026

Description

This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.

AI AnalysisPowered by AI

Affected Products

veeamveeam_backup_\&_replication

References

https://www.veeam.com/kb4792
Vendor Advisory