Enterprise SaaS
CVE-2026-42354 critical CVSS 9.1

Vulnerability in sso (CVE-2026-42354)

Summary

Vulnerability in sso (CVE-2026-42354). Confidential information can be exposed externally. Exploitable via ``Moved``.

AI summary (openai / gpt-4o)

Sentry, an error tracking tool, has a serious security vulnerability whereby attackers can take over user accounts without needing passwords. This issue affects certain versions and is patched in the latest version. Users are advised to enable two-factor authentication to prevent unauthorized access. A similar past incident is the Heartbleed vulnerability in OpenSSL, in which credentials and other sensitive data were exposed from server memory.
CVE-2026-42354 is a critical authentication bypass in Sentry's SAML SSO implementation, exploitable via a malicious SAML Identity Provider. It affects versions 21.12.0 to 26.4.0 and is patched in version 26.4.1. To prevent exploitation, it is recommended to enforce two-factor authentication. Exploitation requires knowledge of the victim's email address.
❓ What is the problem
Sentry's SAML SSO implementation has an authentication bypass vulnerability.
📍 Affected scope
Sentry versions from 21.12.0 to before 26.4.1.
🔥 Severity
Critical severity (CVSS v3: 9.1) due to network access, no user interaction or authentication needed.
🔧 How to fix
Upgrade to Sentry version 26.4.1 or later.
🛡️ Workaround
Enforce two-factor authentication for all users.
🔍 Detection
No specific detection method provided; monitor for unauthorized SSO changes or anomalies.

Related past incidents

Similar incidents extracted from past CVEs

A serious vulnerability in OpenSSL allowing memory exposure to attackers, leading to data theft.
A remote code execution vulnerability in Apache Log4j impacting numerous applications and services.
Similar SAML SSO vulnerability in another application allowing account takeover.

If this happens at your company

Expected impact per business scenario

📌 Enterprises using Sentry for error tracking and performance monitoring.
Unauthorized parties could take over user accounts, leading to data breaches or monitoring interruptions.
📌 Organizations with multi-tenant Sentry instances.
Cross-tenant attacks resulting in unauthorized data access and potential compliance violations.
📌 Developers relying on Sentry for application error monitoring.
Interruption in monitoring services, causing delays in issue detection and resolution.
Recommended action
Organizations should update their Sentry installations and enforce two-factor authentication for all users.

Response Actions (7 steps)

Concrete steps and command examples for SOC/SRE teams to execute in order

  1. Identify exposure (identify)
     Audit SBOM/dependencies for affected components.

     Identify the affected components from the dependency manifest.

  2. Match against affected range (verify)
     Confirm whether the version satisfies `>= 21.12.0, < 26.4.0`.

     Check whether the version found in Step 1 falls within the affected range `>= 21.12.0, < 26.4.0`. If it is running in production, treat it as an incident.

  7. Post-deployment verification (verify)
     Confirm the patched version is live in production.

     After applying the patch, reproduce the PoC or an equivalent exploitation pattern in staging to confirm that the vulnerability is closed. In production, keep monitoring with the same log query as in Step 3 to make sure the alert does not recur.
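The range check in step 2, as an added example that is not part of the original advisory: a small Python helper that parses a Sentry version string and tests it against the affected range quoted in step 2 (lower bound inclusive, upper bound exclusive), then triages a fleet inventory. The host names and versions in the sample inventory are constructed; the bounds are parameters so they can be adjusted if the advisory is revised.

```python
import re
from typing import Dict, Tuple

# Affected range as quoted in step 2 of the advisory (lo inclusive, hi exclusive).
AFFECTED_MIN = "21.12.0"
AFFECTED_MAX = "26.4.0"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted Sentry version string into a comparable tuple of ints.

    Accepts forms such as "26.3.2" or "v25.1.0"; anything after the numeric
    part (e.g. a ".dev0" suffix) is ignored for range matching, and short
    forms like "26.4" are padded to three components.
    """
    m = re.match(r"^v?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))


def is_affected(version: str, lo: str = AFFECTED_MIN, hi: str = AFFECTED_MAX) -> bool:
    """True if lo <= version < hi, i.e. the deployment is in the affected range."""
    v = parse_version(version)
    return parse_version(lo) <= v < parse_version(hi)


def triage_inventory(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in a {host: version} inventory to 'affected' / 'not affected'.

    Hosts marked 'affected' that serve production should be handled as an
    incident, as step 2 of the response actions says.
    """
    return {
        host: ("affected" if is_affected(ver) else "not affected")
        for host, ver in inventory.items()
    }


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and versions).
    sample = {
        "sentry-prod-1": "25.9.0",
        "sentry-stage": "26.4.1",
        "sentry-legacy": "21.11.0",
    }
    for host, verdict in triage_inventory(sample).items():
        print(f"{host}: {verdict}")
```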

References
