Runtime · Lifecycle Status

Runtimes & Languages End of Life Dates

Runtime end-of-life is the most searched EOL category. Node.js, Python, PHP, and Java each have millions of production deployments running versions that have already passed their official end-of-life date — creating a permanent and growing CVE blind spot in application security.

Live data from endoflife.date · Updated continuously · How we source data →

13
Total Products
End of Life
Warning
Active
nodejs
Node.js
Loading...
python
Python
Loading...
php
PHP
Loading...
ruby
Ruby
Loading...
java
Java
Loading...
go
Go
Loading...
rust
Rust
Loading...
perl
Perl
Loading...
erlang
Erlang
Loading...
elixir
Elixir
Loading...
dotnet
.NET
Loading...
kotlin
Kotlin
Loading...
scala
Scala
Loading...

Why Runtime EOL Creates the Biggest Blind Spot

Application runtimes are the foundation everything else is built on. When a runtime version reaches EOL, every application running on it is exposed — regardless of whether the application code itself is secure. CVEs in the runtime standard library, garbage collector, HTTP stack, or cryptographic modules accumulate with no patch path available.

Node.js 18 reached EOL in April 2025. Node.js 20 reached EOL in April 2026. Python 3.8 reached EOL in October 2024. PHP 8.1 reached EOL in December 2024. These versions collectively power a significant fraction of production web infrastructure globally.

Runtime upgrades are often simpler than they appear — the majority of applications require only minor dependency updates to move to the next supported version. The risk of staying on an EOL runtime far outweighs the effort of migration for most codebases.

Related Categories