Request Pricing
Every unpatched CVE is a risk. Fix them all now.
High
NES for Apache Kafka
Apache Kafka
Information Exposure
>=2.8.0 <3.9.2, >=4.0.0 <4.0.2, >=4.1.0 <4.1.2
July 1, 2026
Medium
NES for Apache Kafka
Apache Kafka
Information Exposure
>=0.11.0 <3.9.2, =4.0.0
July 1, 2026
Low
Apache Tomcat
Apache Tomcat
Cross-Site Scripting
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
July 1, 2026
Low
Apache Tomcat
Apache Tomcat
Information Exposure
>=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
July 1, 2026
Low
Apache Tomcat
Apache Tomcat
Authorization Bypass
>=7.0.100 <= 7.0.109, >=8.5.38 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
July 1, 2026
Medium
Apache Tomcat
Apache Tomcat
Authorization Bypass
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
July 1, 2026
High
Apache Tomcat
Apache Tomcat
Authorization Bypass
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
July 1, 2026
Ensuring Full Compliance and Security
Never-Ending Support ensures your end-of-life open-source software stays fully compliant with industry standards like HIPAA, PCI, SOC2 and FedRAMP. With ongoing security updates and a commitment to audit readiness, you can rest easy knowing your systems remain compliant, secure, and ready for any inspection.
Trusted by 900+ Companies, 8,000+ Developers
From the very first point of contact, working with HeroDevs has been an exceptional experience...The option to install EOL Support, rather than undertaking a full internal migration, has saved us significant time, money, and frustrations.”
UI/UX Engineering Manager
Frequently Asked Questions
Get answers to some of our most commonly asked questions.
Of course, if you can't find the answer you're looking for, feel free to contact us.
How does intellectual property for NES libraries work?
Do I pay extra for development, staging, etc. environments?
What makes onboarding so easy?
How hard is it to get this through our InfoSec and Legal procurement process?
Do you offer discounts for nonprofits, open source companies, or educational institutions?
Do you have multi-year license options?
How are licenses tracked? Do you install a license server?
What happens if team members leave or join after we’ve purchased licenses?
What does a license cover?