Complete end-of-life dates, support windows, and security status for all Keycloak versions. Data sourced from endoflife.date and official vendor documentation. Updated at every deploy.
| Version | Latest Release | Release Date | EOL Date | Days | Status |
|---|---|---|---|---|---|
| 10.0 | 10.0.2 | Apr 29, 2020 | Jul 22, 2020 | 2117 days past EOL | EOL |
| 11.0 | 11.0.3 | Jul 22, 2020 | Dec 16, 2020 | 1970 days past EOL | EOL |
| 12.0 | 12.0.4 | Dec 16, 2020 | May 6, 2021 | 1829 days past EOL | EOL |
| 13.0 | 13.0.1 | May 6, 2021 | Jun 18, 2021 | 1786 days past EOL | EOL |
| 14.0 | 14.0.0 | Jun 18, 2021 | Jul 15, 2021 | 1759 days past EOL | EOL |
| 15.0 | 15.0.2 | Jul 30, 2021 | Dec 10, 2021 | 1611 days past EOL | EOL |
| 15.1 | 15.1.1 | Dec 10, 2021 | Dec 17, 2021 | 1604 days past EOL | EOL |
| 16.0 | 16.0.0 | Dec 17, 2021 | Dec 20, 2021 | 1601 days past EOL | EOL |
| 16.1 | 16.1.1 | Dec 20, 2021 | Mar 11, 2022 | 1520 days past EOL | EOL |
| 17.0 | 17.0.1 | Feb 11, 2022 | Apr 20, 2022 | 1480 days past EOL | EOL |
| 18.0 | 18.0.2 | Apr 20, 2022 | Jul 27, 2022 | 1382 days past EOL | EOL |
| 19.0 | 19.0.3 | Jul 27, 2022 | Nov 1, 2022 | 1285 days past EOL | EOL |
| 20.0 | 20.0.5 | Nov 1, 2022 | Feb 23, 2023 | 1171 days past EOL | EOL |
| 21.0 | 21.0.2 | Feb 23, 2023 | Apr 19, 2023 | 1116 days past EOL | EOL |
| 21.1 | 21.1.2 | Apr 19, 2023 | Jul 11, 2023 | 1033 days past EOL | EOL |
| 22.0 | 22.0.5 | Jul 11, 2023 | Nov 23, 2023 | 898 days past EOL | EOL |
| 23.0 | 23.0.7 | Nov 23, 2023 | Mar 4, 2024 | 796 days past EOL | EOL |
| 24.0 | 24.0.5 | Mar 4, 2024 | Jun 10, 2024 | 698 days past EOL | EOL |
| 25.0 | 25.0.6 | Jun 10, 2024 | Oct 4, 2024 | 582 days past EOL | EOL |
| 26.0 | 26.0.8 | Oct 4, 2024 | Jan 15, 2025 | 479 days past EOL | EOL |
| 26.1 | 26.1.5 | Jan 15, 2025 | Apr 11, 2025 | 393 days past EOL | EOL |
| 26.2 | 26.2.5 | Apr 11, 2025 | Jul 2, 2025 | 311 days past EOL | EOL |
| 26.3 | 26.3.5 | Jul 2, 2025 | Sep 30, 2025 | 221 days past EOL | EOL |
| 26.4 | 26.4.7 | Sep 30, 2025 | Jan 6, 2026 | 123 days past EOL | EOL |
| 26.5 | 26.5.7 | Jan 6, 2026 | Apr 8, 2026 | 31 days past EOL | EOL |
| 26.6 | 26.6.1 | Apr 8, 2026 | Already EOL | Supported | Active |
When a Keycloak version reaches end of life, the maintainers stop issuing security patches. Vulnerabilities discovered after this date are publicly disclosed on the National Vulnerability Database, exploit code appears on GitHub, and your systems remain permanently exposed.
The CVE blind spot: Most vulnerability scanners check for known CVEs but do not flag the accumulation of unpatched vulnerabilities in EOL software. With a zero-day, nobody knows about the vulnerability. With EOL software, the vulnerability is public — listed, rated, and often weaponized — but no patch will ever exist. This is the most dangerous gap in enterprise security posture.
Organizations running EOL Keycloak should treat it as a vulnerability class in their risk register, apply compensating controls (network segmentation, enhanced monitoring, access restriction), and prioritize migration to a supported version.
Upload requirements.txt, package.json, or Gemfile — full EOL report instantly.
Open Stack Scanner →