HIGH🇵🇱 Wersja polska

CVE-2026-52794

CVSS 7.5v3.1pub. 2026-06-24upd. 2026-06-27

Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume disproportionate CPU time. This vulnerability is fixed in 26.5.2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Sentry

    APP
    Sentry
    24.4.0 – 26.5.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2026-42354CRITICAL9.1PL ✓ten sam produkt

Przejęcie konta użytkownika przez podatność SAML SSO w Sentry

CVE-2026-27197CRITICAL9.1PL ✓ten sam produkt

Sentry SAML SSO — przejęcie konta użytkownika (Auth Bypass)

CVE-2021-47935HIGH8.7ten sam produkt

Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute ar...

CVE-2024-45606HIGH7.1ten sam produkt

Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user can mute...

CVE-2024-41656HIGH7.1ten sam produkt

Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to versi...

CVE-2026-52794 — Sentry — HIGH — CVSS 7.5 | CVEbaza.pl