| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-26004 | Sentry allows unauthorized access to event data across organizational boundaries | getsentry | sentry | 中危 | - | 2026-03-17 23:21:35 | Deep Dive |
| CVE-2026-27197 | Sentry: Improper Authentication on SAML SSO process allows user identity linking | getsentry | sentry | Critical | 9.1 | 2026-02-21 04:35:15 | Deep Dive |
| CVE-2025-65944 | Sentry-Javascript deals with leaked sensitive headers when `sendDefaultPii` is set to `true` | getsentry | sentry-javascript | - | - | 2025-11-25 00:23:53 | Deep Dive |
| CVE-2025-53099 | Sentry Missing Invalidation of Authorization Codes During OAuth Exchange and Revocation | getsentry | sentry | - | - | 2025-07-01 14:53:17 | Deep Dive |
| CVE-2025-22146 | Improper authentication on SAML SSO process allows user impersonation in sentry | getsentry | sentry | Critical | 9.1 | 2025-01-15 19:58:00 | Deep Dive |
| CVE-2024-53253 | Sentry's improper error handling leaks Application Integration Client Secret | getsentry | sentry | Medium | 5.3 | 2024-11-22 19:58:56 | Deep Dive |
| CVE-2024-45605 | Improper authorization on deletion of user issue alert notifications in sentry | getsentry | sentry | Medium | 6.5 | 2024-09-17 19:44:51 | Deep Dive |
| CVE-2024-45606 | Improper authorization on muting of alert rules in sentry | getsentry | sentry | High | 7.1 | 2024-09-17 19:43:19 | Deep Dive |
| CVE-2024-41656 | Sentry vulnerable to stored Cross-Site Scripting (XSS) | getsentry | sentry | High | 7.1 | 2024-07-23 21:30:26 | Deep Dive |
| CVE-2024-40647 | Unintentional exposure of environment variables to subprocesses in sentry-sdk | getsentry | sentry-python | Medium | 5.3 | 2024-07-18 16:51:24 | Deep Dive |
| CVE-2024-35196 | Slack integration leaks sensitive information in logs in Sentry | getsentry | sentry | Low | 2.0 | 2024-05-31 17:25:56 | Deep Dive |
| CVE-2024-32474 | Sentry's superuser cleartext password leaked in logs | getsentry | sentry | High | 7.3 | 2024-04-18 19:50:45 | Deep Dive |
| CVE-2024-24829 | SSRF in Sentry via Phabricator integration | getsentry | sentry | Medium | 4.3 | 2024-02-08 23:44:08 | Deep Dive |
| CVE-2023-51451 | SSRF in symbolicator via invalid protocol | getsentry | symbolicator | Medium | 4.3 | 2023-12-22 21:01:22 | Deep Dive |
| CVE-2023-50249 | Sentry's Astro SDK vulnerable to ReDoS | getsentry | sentry-javascript | High | 7.5 | 2023-12-20 13:53:01 | Deep Dive |
| CVE-2023-49094 | Symbolicator Server Side Request Forgery vulnerability | getsentry | symbolicator | Medium | 4.3 | 2023-11-30 04:49:37 | Deep Dive |
| CVE-2023-46729 | Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint | getsentry | sentry-javascript | Critical | 9.3 | 2023-11-10 00:57:16 | Deep Dive |
| CVE-2023-39531 | Sentry vulnerable to incorrect credential validation on OAuth token requests | getsentry | sentry | Medium | 6.5 | 2023-08-09 16:09:34 | Deep Dive |
| CVE-2023-39349 | Sentry vulnerable to privilege escalation via ApiTokensEndpoint | getsentry | sentry | High | 8.1 | 2023-08-07 18:27:12 | Deep Dive |
| CVE-2023-36826 | Sentry vulnerable to improper authorization on debug and artifact file downloads | getsentry | sentry | High | 7.7 | 2023-07-25 18:50:42 | Deep Dive |