CVE-2026-26004

Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference IDOR vulnerability in Sentry's GroupEventJsonView endpoint. Version 26.1.0 patches the issue...

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the GroupEventJsonView endpoint. An attacker can access event data belonging to other organizations by specifying identifiers for resources outside their authorized scope. Note: This...

Sentry 安全漏洞

Sentry is an open-source error tracking and performance monitoring platform for developers. Versions of Sentry prior to 26.1.0 contained a security vulnerability, which stemmed from an insecure direct object reference in the GroupEventJsonView endpoint across organizations...

PT-2026-25961

Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference IDOR vulnerability in Sentry's GroupEventJsonView endpoint. Version 26.1.0 patches the issue...