Supported branches are the active version lines of a product that still receive official security fixes, bug fixes, and maintenance updates from the vendor or project maintainers. In software like Drupal, each branch represents a specific major or minor release family that remains eligible for patching.
This matters because attackers often target installations that are behind on updates. If a vulnerability is disclosed, only supported branches are expected to get an official fix; unsupported branches may remain exposed or require risky manual mitigation. Defenders use the term to decide whether a system can be patched normally, whether it needs an upgrade first, and how quickly they must respond. In practice, checking supported branches is a basic part of patch management, incident response, and long-term security planning.