CVE-2026-42354
9.1 CRITICALSentry is an error tracking and performance monitoring tool
Published: 2026-05-08 · Last updated: 2026-05-18
Severity and scoring
- CVSS
- 9.1 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-290
Affected products
| Vendor | Product |
|---|---|
| sentry | sentry |
Description
Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. The victim email address must be known in order to exploit this vulnerability. This issue has been patched in version 26.4.1.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-42354
- [Patch]https://github.com/getsentry/sentry/commit/0c67558ae7fe08738912d4c5233b53ead048da3b
- [Patch]https://github.com/getsentry/sentry/pull/113720
- [Other]https://github.com/getsentry/sentry/releases/tag/26.4.1
- [Vendor advisory]https://github.com/getsentry/sentry/security/advisories/GHSA-rcmw-7mc7-3rj7
Related CVEs
Same CWE
- CVE-2026-53817 — OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to... (8.8 HIGH)
- CVE-2026-53811 — OpenClaw before 2026.5.7 contains a privilege escalation vulnerability in the Matrix allowFrom feature that allows authenticated accounts... (8.8 HIGH)
- CVE-2026-6090 — A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute... (7.0 HIGH)
- CVE-2026-48567 — Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network (10.0 CRITICAL)
- CVE-2026-11019 — Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised... (6.5 MEDIUM)