Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.7
Sentry: Malicious Access to Shared Error Data
CVE-2026-26004
Summary
Versions of Sentry's error tracking tool before 26.1.0 allow unauthorized access to sensitive data shared between organizations. This could lead to sensitive data being exposed or manipulated. Update to version 26.1.0 or later to fix the issue.
Original title
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference (IDOR) vulnerability in Sentry's Grou...
Original description
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference (IDOR) vulnerability in Sentry's GroupEventJsonView endpoint. Version 26.1.0 patches the issue.
nvd CVSS4.0
5.7
Vulnerability type
CWE-639
Authorization Bypass Through User-Controlled Key
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026