Skip to content

eolcanary/eolcanary.com

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 

Repository files navigation

EOLCanary — EOL Dates & CVE Tracker for 459 Technologies

EOLCanary is a free, open tracker that tells you exactly when your software reaches end of life — and which CVEs were published after support ended.

🔗 eolcanary.com

What is EOLCanary?

Every day, developers run software versions that are no longer supported. When a version reaches end of life, the vendor stops shipping security patches. Any CVE discovered after that date will never be fixed.

EOLCanary tracks 459 technologies, 8 100+ release cycles, and 8 300+ CVEs so you know exactly when to upgrade — before it becomes a security incident.

Features

  • EOL dates for 459 technologies — synced daily from endoflife.date
  • CVE tracking per release — every vulnerability mapped to its exact affected version, with CVSS score and NVD link
  • EOL Calendar — see every version going end-of-life in the next 30, 60 or 90 days
  • Weekly CVE Report — every Monday, a digest of critical vulnerabilities affecting developer stacks
  • Free — no account required

Tracked Technologies (sample)

Category Examples
Languages PHP, Python, Ruby, Node.js, Go, Java, .NET, Perl
Databases PostgreSQL, MySQL, MongoDB, Redis, MariaDB, CouchDB
Operating Systems Ubuntu, Debian, RHEL, CentOS, Alpine Linux, macOS
Web Servers nginx, Apache HTTP Server, HAProxy
Runtimes & Frameworks Django, Laravel, Spring Boot, Rails, Angular, React
Containers & Cloud Docker, Kubernetes, Amazon Linux

→ Browse all 459 technologies on eolcanary.com

Why end-of-life tracking matters

Software that reaches end of life stops receiving security updates. Any new CVE discovered after EOL will never be patched by the vendor. Running EOL software in production exposes your stack to known, unmitigated vulnerabilities.

Common risks:

  • Known CVEs left unpatched — attackers actively target EOL software
  • Compliance failures — PCI-DSS, SOC 2 and ISO 27001 require supported software versions
  • No vendor support — no patches, no hotfixes, no security advisories

Data sources

Source Data
endoflife.date EOL dates, release cycles, LTS status
NVD (NIST) CVE data, CVSS scores, vulnerability descriptions

Data is synced daily. Each technology page on EOLCanary shows all release cycles, their support status, and every CVE mapped to the exact affected version.

Links

Popular pages

Data updated daily. Free to use.

About

Never get caught running EOL software in production. EOLCanary tracks end-of-life dates and CVEs for 459 technologies — runtimes, databases, frameworks and operating systems. Every CVE mapped to its exact affected version, with CVSS and EPSS scores. Updated daily. Know before your stack expires.

https://eolcanary.com

Topics

security developer-tools cve cve-scanning eol endoflife endoflife-date

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors