Which versions of Veeam Backup & Replication are affected by EUVD-2026-32713?

Veeam Backup & Replication 13 (through version 13.0.1) on Linux contains an arbitrary file-write vulnerability allowing authenticated backup administrators to execute code and compromise the entire…

Veeam Backup & Replication EUVD-2026-32713

Q: What is the CVSS score of EUVD-2026-32713?

EUVD-2026-32713 has a CVSS 4.0 base score of 8.6 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-32997 HIGH

Absolute Path Traversal (CWE-36)

2026-05-28 hackerone

GHSA-4x5p-f63m-rvrp

Information Disclosure Backup And Replication

8.6

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 28, 2026 - 07:00 vuln.today

CVSS changed

May 28, 2026 - 05:22 NVD

8.6 (HIGH)

CVE Published

May 28, 2026 - 04:01 nvd

HIGH 8.6

CVE Published

May 28, 2026 - 04:01 nvd

UNKNOWN (no severity yet)

DescriptionNVD

A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server.

AnalysisAI

Arbitrary file write in Veeam Backup & Replication 13 (≤13.0.1) on Linux-based deployments allows an authenticated Backup Administrator to write files anywhere on the server filesystem, enabling code execution and full host compromise. CVSS 4.0 scores this 8.6 (High) due to network-reachable exploitation with high impact across confidentiality, integrity, and availability, though high privileges are required. …

RemediationAI

Within 24 hours: Identify all Veeam Backup & Replication 13 ≤13.0.1 Linux deployments; restrict Backup Administrator role to essential personnel only. Within 7 days: Monitor Veeam security advisories for patch availability; conduct access review for all backup administrator accounts. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-32713 vulnerability details – vuln.today

Back

Veeam Backup & Replication EUVD-2026-32713

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Veeam Backup & Replication EUVD-2026-32713

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code