Ubuntu 25.x — End of Life
EOL Actively exploitedUbuntu 25.x — All releases
| Version | Released | Active support | EOL date | Latest patch | Status |
|---|---|---|---|---|---|
| 25.10 | Oct 9, 2025 | Jul 1, 2026 | Jul 1, 2026 | 25.10 | EOL |
| 25.04 | Apr 17, 2025 | Jan 17, 2026 | Jan 17, 2026 | 25.04 | EOL |
CVEs affecting Ubuntu 25.x (12)
| CVE | Severity | CVSS | EPSS | KEV | Cycle | Description | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-47334 | MEDIUM | 5.5 | 0.08% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notifi… | May 28, 2026 |
| CVE-2026-47333 | HIGH | 7.8 | 0.11% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an i… | May 28, 2026 |
| CVE-2026-47332 | MEDIUM | 5.5 | 0.11% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structu… | May 28, 2026 |
| CVE-2026-47331 | HIGH | 7.8 | 0.11% | — | 25.10 | Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivile… | May 28, 2026 |
| CVE-2026-47330 | LOW | 3.3 | 0.09% | — | 25.10 | Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitializ… | May 28, 2026 |
| CVE-2026-47329 | LOW | 3.3 | 0.09% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor n… | May 28, 2026 |
| CVE-2026-47328 | MEDIUM | 6.1 | 0.09% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not … | May 28, 2026 |
| CVE-2026-47327 | LOW | 3.3 | 0.09% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmo… | May 28, 2026 |
| CVE-2026-47326 | MEDIUM | 5.5 | 0.09% | — | 25.10 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor not… | May 28, 2026 |
| CVE-2026-31431 | HIGH | 7.8 | 96.27% | KEV | 25.10 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla… | Apr 22, 2026 |
| CVE-2026-31431 | HIGH | 7.8 | 96.27% | KEV | 25.04 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla… | Apr 22, 2026 |
| CVE-2026-3497 | HIGH | 7.5 | 2.18% | — | 25.10 | Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI… | Mar 12, 2026 |
Ubuntu 25.x is EOL — migrate to Ubuntu 26.x
Ubuntu 26.x is the next major release. Plan your upgrade before Ubuntu 25.x stops receiving security patches.
Frequently asked questions
Is Ubuntu 25 end of life?
Yes. All Ubuntu 25.x releases have reached end of life and no longer receive security patches. There are 12 known CVEs affecting Ubuntu 25.x. Migrate to Ubuntu 26.x as soon as possible.
What CVEs affect Ubuntu 25?
There are 12 CVEs tracked for Ubuntu 25.x and 2 listed in the CISA Known Exploited Vulnerabilities catalog. See the full list above with CVSS and EPSS scores.
What is the latest Ubuntu 25 version?
The latest Ubuntu 25.x patch release is 25.10, released on October 9, 2025. Always run the latest patch to benefit from all security fixes.
How to migrate from Ubuntu 25 to Ubuntu 26?
To migrate from Ubuntu 25 to Ubuntu 26: (1) review the official Ubuntu 26 migration guide for breaking changes, (2) update dependencies and configuration accordingly, (3) test thoroughly in a staging environment, (4) deploy with a rollback plan. Starting early gives you time to resolve compatibility issues before your current version reaches end of life.
Is it safe to run Ubuntu 25 in production?
No. Ubuntu 25 has reached end of life and security vulnerabilities are no longer patched. Critically, 2 CVEs affecting Ubuntu 25.x are in the CISA KEV catalog — meaning they are actively exploited in the wild. Upgrade to a supported version immediately.
Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA
