PostgreSQL Backup Viewer allows unauthorized code execution as admin

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.9

PostgreSQL Backup Viewer allows unauthorized code execution as admin

CVE-2026-21708

Summary

A bug in the PostgreSQL Backup Viewer allows an attacker to execute arbitrary system commands with elevated privileges. This can happen if an attacker gains access to the Backup Viewer, putting sensitive data and systems at risk. Users should update the Backup Viewer software to the latest version to fix this issue.

Original title

A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.

Original description

A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.

nvd CVSS3.1 9.9

https://www.veeam.com/kb4830
https://www.veeam.com/kb4831

Published: 12 Mar 2026 · Updated: 14 Mar 2026 · First seen: 12 Mar 2026