# Outdated Laravel Version: How to Upgrade to a Supported Release for Security Patches

> Running a Laravel version below current LTS means you are no longer receiving security patches. Upgrade to stay protected against published vulnerabilities.

**Severity:** medium | **Category:** Application Security

---

## The Issue

Laravel provides bug fixes for 18 months and security fixes for 2 years after each major release. Once a version leaves the security support window, vulnerabilities published against it are never patched. Attackers specifically target end-of-life frameworks because the vulnerabilities are documented and guaranteed to be unpatched. Running an unsupported Laravel version means every new CVE that affects it stays with you permanently.

## Steps to Fix

### 1. Check your current Laravel version

Determine your installed version:

```bash
php artisan --version
# Or
composer show laravel/framework | grep versions
```

Current Laravel support status (as of 2026):
- Laravel 12.x — Active support (current)
- Laravel 11.x — Security fixes until March 2027
- Laravel 10.x — Security fixes ended February 2026
- Laravel 9.x and below — End of life, no patches

If you are on 10.x or below, upgrade immediately.

### 2. Follow the official upgrade guide

Laravel publishes detailed upgrade guides for each major version:

1. Read the upgrade guide at laravel.com/docs/[version]/upgrade
2. Update `composer.json` dependencies
3. Run `composer update`
4. Apply breaking changes documented in the guide
5. Run your test suite

Typical `composer.json` change for 11 → 12:

```json
"laravel/framework": "^12.0"
```

Use Laravel Shift (laravelshift.com) for automated upgrades — it handles most breaking changes automatically via a pull request.

### 3. Test thoroughly after upgrading

Run your full test suite and do manual QA:

```bash
php artisan test

# Check for deprecation warnings
php artisan test 2>&1 | grep -i deprecat
```

Verify critical paths:

- User registration and login
- Payment processing
- API endpoints
- Background jobs
- Email sending

Deploy to staging first and run smoke tests before production.

## Verification

Verify your version is within the support window:

```bash
php artisan --version
```

Check the Laravel release page at laravel.com/docs/releases for current support dates. Run `php artisan stackshield:scan --check=SS055` to verify.
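
The same check can run in CI against `composer.lock`, so an unsupported major fails the build instead of waiting for a manual look. This is an added example, not code from the original page or from Laravel: the function names are hypothetical, the support table copies the "as of 2026" list above (March 2027 treated as inclusive, majors above 12 assumed supported), and the lock file excerpt is constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): CI gate on the locked Laravel major.
# The support table mirrors this page's "as of 2026" list; majors above 12 are
# assumed supported. Function names are hypothetical.

# Print the locked laravel/framework version (e.g. "11.9.2") from a composer.lock.
locked_laravel_version() {
  awk '
    /"name": *"laravel\/framework"/ { found = 1; next }
    found && /"version":/ { gsub(/[",]/, ""); sub(/^v/, "", $2); print $2; exit }
    found && /^ *[}]/ { exit }   # entry closed without a version field
  ' "$1"
}

# Classify a version; $2 is "today" as YYYYMM (defaults to the current month).
# Returns 0 for supported or security-only, 1 for end of life, 2 for unparseable.
support_status() {
  local major="${1%%.*}" today="${2:-$(date +%Y%m)}"
  case "$major" in ''|*[!0-9]*) echo "unknown"; return 2 ;; esac
  if [ "$major" -ge 12 ]; then
    echo "supported"                 # 12.x: active support
  elif [ "$major" -eq 11 ] && [ "$today" -le 202703 ]; then
    echo "security-only"             # 11.x: security fixes until March 2027
  else
    echo "eol"; return 1             # 10.x and below, or 11.x past its window
  fi
}

# Gate: non-zero exit when the lock file pins an unsupported or unknown version.
check_lockfile() {
  local version status rc=0
  version="$(locked_laravel_version "$1" 2>/dev/null)" || true
  [ -n "$version" ] || { echo "laravel/framework not found in $1" >&2; return 2; }
  status="$(support_status "$version" "${2:-}")" || rc=$?
  echo "laravel/framework $version: $status"
  return "$rc"
}

# Constructed composer.lock excerpt for the demo; $1 is the version string.
sample_lock() {
  printf '{"packages": [\n  {\n    "name": "monolog/monolog",\n    "version": "3.5.0"\n  },\n'
  printf '  {\n    "name": "laravel/framework",\n    "version": "%s",\n    "type": "library"\n  }\n]}\n' "$1"
}

tmp="$(mktemp)"; sample_lock v10.48.2 > "$tmp"
check_lockfile "$tmp" 202606 || echo "gate would fail the build"
rm -f "$tmp"
```

In a pipeline, replace the demo lines at the bottom with `check_lockfile composer.lock` and update the table in `support_status` whenever the dates at laravel.com/docs/releases change.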

## Prevention

Plan major version upgrades as part of your regular maintenance cycle. Budget for one major upgrade per year. Use Laravel Shift to automate the process. Subscribe to the Laravel blog for release announcements and security advisories.

---

## Frequently Asked Questions

### Can I skip major versions when upgrading?

Technically yes, but it is harder. Each major version introduces breaking changes. Skipping from 9 to 12 means dealing with three sets of breaking changes at once. Upgrade one major version at a time for the smoothest experience. Laravel Shift supports sequential upgrades.

### What if I cannot upgrade due to a dependency?

Check if the dependency has a newer version compatible with your target Laravel version. If it is abandoned, find an alternative package. As a last resort, fork the dependency and update it. Do not let one outdated package keep your entire application on an unsupported framework.

