CVE-2026-42354: CWE-290: Authentication Bypass by Spoofing in getsentry sentry
A critical authentication bypass vulnerability (CVE-2026-42354) exists in Sentry's SAML SSO implementation in versions from 21.12.0 up to but not including 26.4.1. An attacker controlling a malicious SAML Identity Provider and another organization on the same Sentry instance can take over any user account if the victim's email address is known. This vulnerability has been patched in version 26.4.1. The CVSS score is 9.
AI Analysis
Technical Summary
CVE-2026-42354 is an authentication bypass vulnerability in the SAML Single Sign-On (SSO) implementation of the Sentry error tracking and performance monitoring tool. It affects versions starting from 21.12.0 up to but not including 26.4.1. The flaw allows an attacker who controls a malicious SAML Identity Provider and has access to another organization on the same Sentry instance to impersonate any user account by knowing the victim's email address. This enables full account takeover without user interaction or privileges. The vulnerability has been fixed in Sentry version 26.4.1.
Potential Impact
Successful exploitation allows an attacker to fully compromise any user account on the affected Sentry instance, leading to complete loss of confidentiality and integrity of that account. There is no impact on availability. This can result in unauthorized access to sensitive error tracking and performance data managed by Sentry.
Mitigation Recommendations
This vulnerability is patched in Sentry version 26.4.1. Users should upgrade to version 26.4.1 or later to remediate this issue. Because affected deployments are self-hosted rather than a vendor-operated cloud service, the vendor does not apply the remediation automatically. Patch status is confirmed by the vendor advisory, which states that the fix is included in version 26.4.1. Until upgraded, operators should treat any SAML Identity Provider configured by another organization on the same instance as a potential risk and restrict SAML IdP trust relationships accordingly.
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-04-26T13:26:14.515Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
Threat ID: 69fe6c74cbff5d86103b91b7
Added to database: 5/8/2026, 11:06:28 PM
Last enriched: 5/8/2026, 11:21:48 PM
Last updated: 5/9/2026, 12:09:25 AM