Is Bamboo 9.3.6 patched?
Current stable (12.1.8): 100/100
9.3.6 has 2 open critical-or-high vulnerabilities. Run 9.6.5 or later to clear them. See what 9.6.5 fixes →
Summary iPlain-English security status for Bamboo 9.3.6, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Bamboo 9.3.6 is part of the 9.3 release line. 2 known vulnerabilities affect it. The minimum safe version is 9.6.5 — upgrade to it or later to clear the open critical/high issues. The 9.3 line reached end-of-life on 2025-06-01, so it no longer receives security patches. The latest supported Bamboo release is 12.1.8.
Known issues affecting 9.3.6
Exploited first, then by exploitation probability.
CVE-2024-21689 HIGH EPSS 3% → fixed in 9.6.5 CVE-2024-21687 HIGH EPSS 1% → fixed in 9.6.4Other Bamboo versions
Check another release line of Bamboo.
Frequently asked
Is Bamboo 9.3.6 patched?
Bamboo 9.3.6 is end-of-life and no longer receives security patches. Move to 12.1.8.
What version should I upgrade Bamboo 9.3.6 to?
Upgrade Bamboo 9.3.6 to at least 9.6.5 to clear its 2 open critical-or-high vulnerabilities.
When does Bamboo 9.3 reach end-of-life?
Bamboo 9.3 reached end-of-life on 2025-06-01 and no longer receives security patches.
What is the latest version of Bamboo?
The latest supported Bamboo release is 12.1.8.
Is Bamboo 9.3.6 still receiving security updates?
No — Bamboo 9.3.6 is on the 9.3 line, which reached end-of-life on 2025-06-01 and no longer receives security updates. Upgrade to 12.1.8 or later to stay supported.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Atlassian's official advisory before you patch or upgrade — Bamboo official site ↗