CVE-2025-53099 Sentry Missing Invalidation of Authorization Codes During OAuth Exchange and Revocation

Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth application registered with Sentry can take advantage of a race condition and improper handling of authorization code within Sentry to maintain persistence to a...

PT-2025-27554 · Sentry · Sentry

Name of the Vulnerable Software and Affected Versions: Sentry versions prior to 25.5.0 Description: The issue allows an attacker with a malicious OAuth application registered with Sentry to take advantage of a race condition and improper handling of authorization code within Sentry, maintaining...