Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Veeam security patch release for CVE-2025-59470

Security Patch Release
First reported
Last updated
Happening score
H score 47
1 unique sources, 1 articles

Summary

Hide ▲

Veeam released version 13.0.1.1071 to patch Backup & Replication vulnerabilities, including CVE-2025-59470, a critical RCE flaw affecting 13.0.1.180 and earlier version 13 builds. The bundle also fixes CVE-2025-55125 and CVE-2025-59468, which could let highly privileged Backup or Tape Operator accounts trigger code execution through malicious parameters or backup files. The update matters because VBR protects critical data and applications and is a frequent target for ransomware gangs seeking lateral movement and backup deletion.

Related Happenings

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Avada Builder 3.15.3 patch release (CVE-2026-4782, CVE-2026-4798)

Security Patch Release
First: 15.05.2026 18:56 Last: 15.05.2026 18:56 Sources 1

About this happening: **Avada Builder** shipped **version 3.15.3** as the full fix for **CVE-2026-4782** and **CVE-2026-4798**, closing the plugin flaws that could expose files and database data. A pri...

Open Happening

Linux distros patch release for Fragnasia (CVE-2026-46300)

Security Patch Release
First: 14.05.2026 10:34 Last: 14.05.2026 10:34 Sources 1

About this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

CPanel security patch release for CVE-2026-29201

Security Patch Release
First: 09.05.2026 10:16 Last: 09.05.2026 10:16 Sources 1

About this happening: **cPanel** released updates for **cPanel and Web Host Manager (WHM)** to fix **three vulnerabilities** that could enable **privilege escalation**, **code execution**, or **denial-...

Open Happening

Timeline

  1. 07.01.2026 15:06 2 articles · 4mo ago

    Veeam ships 13.0.1.1071 to fix Backup & Replication flaws

    Mitigation Patch Update

    Veeam released version 13.0.1.1071 for Veeam Backup & Replication to patch CVE-2025-59470, CVE-2025-55125, and CVE-2025-59468, reducing exposure to remote code execution paths that could be abused by malicious Backup or Tape Operator accounts.

    Show sources
    Open in new tab
  2. 07.01.2026 15:06 1 articles · 4mo ago

    Veeam details CVE-2025-59470 RCE conditions in Backup & Replication

    Initial Disclosure

    Veeam disclosed that CVE-2025-59470 affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds, and that a Backup or Tape Operator can trigger remote code execution as the postgres user by sending a malicious interval or order parameter; the company rated the flaw high severity because exploitation requires highly privileged roles.

    Show sources
    Open in new tab