Unrated severityNVD Advisory· Published Mar 17, 2026· Updated Mar 18, 2026
Sentry allows unauthorized access to event data across organizational boundaries
CVE-2026-26004
Description
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference (IDOR) vulnerability in Sentry's GroupEventJsonView endpoint. Version 26.1.0 patches the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <26.1.0
Patches
Vulnerability mechanics
References
3- github.com/getsentry/sentry/commit/45bc78fd57514a04eb62e73dd1eeb3ca2d723997mitrex_refsource_MISC
- github.com/getsentry/sentry/pull/105601mitrex_refsource_MISC
- securitylab.github.com/advisories/GHSL-2025-130_Sentry/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.