News and Notes from the Makers of Nexus | Sonatype Blog

Nexus 2.11.1 - Why It's Time to Upgrade

Written by Manfred Moser | December 23, 2014

TL;DR: The release of Sonatype Nexus Repository 2.11.1 includes a fix for the security vulnerability CVE-2014-9389.

Whenever a new Nexus release becomes available, there are many reasons to upgrade. The team always seems to bring in some useful new features or bug fixes that you have been waiting for. Luckily, upgrades to Nexus can be done easily, and there should be no obstacles to sticking with the latest available release.

That is the theory. In practice, however, there always seems to be some reason why you might want to not bother with it. We often find organizations running older versions of Nexus, and the general story is that it just hums along nicely and does its job. Generally that's okay from our point of view, though I personally think you are missing out on all the new features and bug fixes.

More importantly, each update you miss means that eventually when you decide to upgrade, you will have to absorb a potentially more complex upgrade and significant change. It also means you are probably rusty about how to do the upgrade - after all, you are not doing it that often. Just like "release often" makes releases in your software development efforts easier, "upgrade often" reduces deployment risk and makes it easier for you.

Today is one of these days when you should consider upgrading. In fact, we highly recommend it. The release of Nexus 2.11.1 includes a fix for the security vulnerability CVE-2014-9389. You can read all the details about the issue in our related support page. In a nutshell, there is a vulnerability that you want to avoid, especially if your Nexus server is available on the public internet -- even though no exploits are known at this time.

And, like I mentioned, there are many goodies coming your way, especially if you upgrade from Nexus 2.7 or an even older version. In the last releases, we have added NuGet support to Nexus OSS, added NPM support, added RubyGems support, made many improvements to the YUM support, and generally fixed bugs and added features across the board. So, if you are using Nexus OSS (now known as Sonatype Nexus Repository Community Edition) or Nexus Professional (now known as Sonatype Nexus Repository), it is probably time to bite the bullet and do the upgrade. The benefits far outweigh the inconveniences of the upgrade. You will love it.