We are pleased to announce the release of Apache CloudStack CloudMonkey v6.5.0, the latest version of the popular command-line interface tool for managing Apache CloudStack environments.

The Apache CloudStack project is pleased to announce the release of CloudStack 4.21.0.0, which is a Regular release.

The CloudStack 4.21 release is the most recent release of the cloud management platform. It comes as a product of extensive contributions from the project development community.

The 4.21 release contains 15 new features, around 40 improvements and more than 150 bug fixes since 4.20. Some of the highlights include:

The Apache CloudStack project announces the LTS release of 4.19.3.0 and 4.20.1.0 that address the following security issues:

• CVE-2025-26521 (severity 'Critical')
• CVE-2025-30675 (severity 'Low')
• CVE-2025-47713 (severity 'Critical')
• CVE-2025-47849 (severity 'Moderate')
• CVE-2025-22829 (severity 'Low')

The Apache CloudStack project is pleased to announce the release of CloudStack 4.19.3.0 and 4.20.1.0.

The CloudStack releases 4.19.3.0 and 4.20.1.0 are maintenance releases as part of their 4.19.x and 4.20.x LTS branches respectively. CloudStack release 4.19.3.0 contains more than 120 fixes and improvements since CloudStack 4.19.2.0 and CloudStack 4.20.1.0 contains more than 150 fixes and improvements since CloudStack 4.20.0.0 release.

The Apache CloudStack project is pleased to announce the release of CloudStack 4.19.2.0.

CVE-2025-22828: Unauthorised access to annotations​

Severity: Low

Affected versions:

• Apache CloudStack 4.16.0 or later

Description:​

CloudStack users can add and read comments (annotations) on resources they are authorised to access.

Apache CloudStack LTS Release 4.20.0.0

The Apache CloudStack project is pleased to announce the release of CloudStack 4.20.0.0.

Apache CloudStack 4.20 is the most recent release of the cloud management platform. It comes as a product of extensive contributions from the development community and is a LTS release, guaranteeing ongoing maintenance and support for a period of 18 months

The Apache CloudStack project announces the release of LTS security releases 4.18.2.5 and 4.19.1.3 that address the following security issues:

• CVE-2024-50386 (severity 'Important')

The Apache CloudStack project announces the release of LTS security releases 4.18.2.4 and 4.19.1.2 that address the following security issues:

• CVE-2024-45219 (severity 'Important')
• CVE-2024-45461 (severity 'Moderate')
• CVE-2024-45462 (severity 'Moderate')
• CVE-2024-45693 (severity 'Important')

Apache CloudStack project announces the release of LTS security releases 4.18.2.3 and 4.19.1.1 that address CVE-2024-42062 and CVE-2024-42222, both of severity rating 'critical', explained below.