Synced 16 Jun 2026 15:24 UTC Account

Is BigBlueButton 2.5.20 patched?

BigBlueButton · cycle 2.5 · end of life · Official site ↗
2.5.2040/100End of life

Current stable (3.0.29): 100/100

Minimum safe version3.0.22

2.5.20 has 4 open critical-or-high vulnerabilities. Run 3.0.22 or later to clear them. See what 3.0.22 fixes →

Health score40/100
Open issues8
Exploited now0
Cycle 2.5 EOL2023-09-06
Latest release3.0.29

Summary iPlain-English security status for BigBlueButton 2.5.20, built from its CVEs, active-exploitation data, end-of-life date and latest release.

BigBlueButton 2.5.20 is part of the 2.5 release line. 8 known vulnerabilities affect it. The minimum safe version is 3.0.22 — upgrade to it or later to clear the open critical/high issues. The 2.5 line reached end-of-life on 2023-09-06, so it no longer receives security patches. The latest supported BigBlueButton release is 3.0.29.

Known issues affecting 2.5.20

Exploited first, then by exploitation probability.

CVE-2025-61601 HIGH EPSS 0% → fixed in 3.0.13 CVE-2023-43797 MEDIUM EPSS 0% → fixed in 2.6.11 CVE-2023-43798 MEDIUM EPSS 0% → fixed in 2.6.12 CVE-2026-27466 HIGH EPSS 0% → fixed in 3.0.22 CVE-2025-61602 HIGH EPSS 0% → fixed in 3.0.13 CVE-2025-55200 HIGH EPSS 0% → fixed in 3.0.13 CVE-2026-27467 LOW EPSS 0% → fixed in 3.0.20 CVE-2026-27736 MEDIUM EPSS 0% → fixed in 3.0.20

Other BigBlueButton versions

Check another release line of BigBlueButton.

BigBlueButton 3.0.29BigBlueButton 2.7.16BigBlueButton 2.6.18

Frequently asked

Is BigBlueButton 2.5.20 patched?

BigBlueButton 2.5.20 is end-of-life and no longer receives security patches. Move to 3.0.29.

What version should I upgrade BigBlueButton 2.5.20 to?

Upgrade BigBlueButton 2.5.20 to at least 3.0.22 to clear its 4 open critical-or-high vulnerabilities.

When does BigBlueButton 2.5 reach end-of-life?

BigBlueButton 2.5 reached end-of-life on 2023-09-06 and no longer receives security patches.

What is the latest version of BigBlueButton?

The latest supported BigBlueButton release is 3.0.29.

Is BigBlueButton 2.5.20 still receiving security updates?

No — BigBlueButton 2.5.20 is on the 2.5 line, which reached end-of-life on 2023-09-06 and no longer receives security updates. Upgrade to 3.0.29 or later to stay supported.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against BigBlueButton's official advisory before you patch or upgrade — BigBlueButton official site ↗