EOLCanaryEOLCanary
Explore

Cakephp 4.x — End of Life

Active
EOL: Sep 9, 2026in 91d7 releases in this series0 CVEs

Cakephp 4.x — All releases

VersionReleasedActive supportEOL dateLatest patchStatus
4.6Mar 22, 2025Sep 9, 2025Sep 9, 20264.6.4Active
4.5Oct 14, 2023Mar 23, 2025Sep 9, 20264.5.11Active
4.4Jun 6, 2022Oct 15, 2023Sep 9, 20264.4.18Active
4.3Oct 23, 2021Jun 7, 2022Sep 9, 20264.3.11Active
4.2Dec 20, 2020Oct 24, 2021Oct 14, 20234.2.12EOL
4.1Jul 4, 2020Dec 21, 2020Yes4.1.7EOL
4.0Dec 15, 2019Jul 5, 2020Yes4.0.10EOL

CVEs affecting Cakephp 4.x (0)

No CVEs tracked for Cakephp 4.x.

Cakephp 4.x will reach end of life — migrate to Cakephp 5.x

Cakephp 5.x is the next major release. Plan your upgrade before Cakephp 4.x stops receiving security patches.

See Cakephp 5.x

Frequently asked questions

Is Cakephp 4 end of life?

Partially. Some Cakephp 4.x releases have reached EOL. Check the version table above for the exact status of each sub-release.

What CVEs affect Cakephp 4?

No CVEs are currently tracked for Cakephp 4.x in our database. This may mean no vulnerabilities have been recorded yet, or the data is still syncing.

What is the latest Cakephp 4 version?

The latest Cakephp 4.x patch release is 4.6.4, released on May 23, 2026. Always run the latest patch to benefit from all security fixes.

How to migrate from Cakephp 4 to Cakephp 5?

To migrate from Cakephp 4 to Cakephp 5: (1) review the official Cakephp 5 migration guide for breaking changes, (2) update dependencies and configuration accordingly, (3) test thoroughly in a staging environment, (4) deploy with a rollback plan. Starting early gives you time to resolve compatibility issues before your current version reaches end of life.

Is it safe to run Cakephp 4 in production?

Cakephp 4 is still supported and safe for production use until September 9, 2026. Ensure you are running the latest patch version (4.6.4) to have all security fixes applied.

Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA