Ruby 4.x — End of Life
Active High risk EOL: Mar 31, 2029in 1026d1 release in this series1 CVE
Ruby 4.x — All releases
| Version | Released | Active support | EOL date | Latest patch | Status |
|---|---|---|---|---|---|
| 4.0 | Dec 25, 2025 | — | Mar 31, 2029 | 4.0.5 | Active |
CVEs affecting Ruby 4.x (1)
| CVE | Severity | CVSS | EPSS | KEV | Cycle | Description | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-46727 | HIGH | 8.1 | 0.16% | — | 4.0 | An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getadd… | May 22, 2026 |
Frequently asked questions
Is Ruby 4 end of life?
No. Ruby 4.x is still supported until March 31, 2029. It continues to receive security patches and bug fixes.
What CVEs affect Ruby 4?
There are 1 CVE tracked for Ruby 4.x. See the full list above with CVSS and EPSS scores.
What is the latest Ruby 4 version?
The latest Ruby 4.x patch release is 4.0.5, released on May 19, 2026. Always run the latest patch to benefit from all security fixes.
When was Ruby 4 first released?
Ruby 4.0 was initially released on December 25, 2025. See the full version timeline in the table above.
Is it safe to run Ruby 4 in production?
Ruby 4 is still supported and safe for production use until March 31, 2029. Ensure you are running the latest patch version (4.0.5) to have all security fixes applied.
Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA