Vulnerability Description
Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. Self-hosted users are only at risk if the following criteria is met: ore than one organizations are configured (SENTRY_SINGLE_ORGANIZATION = True), or malicious user has existing access and permissions to modify SSO settings for another organization in a multo-organization instance. This issue has been fixed in version 26.2.0. To workaround this issue, implement user account-based two-factor authentication to prevent an attacker from being able to complete authentication with a victim's user account. Organization administrators cannot do this on a user's behalf, this requires individual users to ensure 2FA has been enabled for their account.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sentry | Sentry | >= 21.12.0, < 26.2.0 |
Related Weaknesses (CWE)
References
- https://github.com/getsentry/sentry/security/advisories/GHSA-ggmg-cqg6-j45gMitigationVendor Advisory
FAQ
What is CVE-2026-27197?
CVE-2026-27197 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to ta...
How severe is CVE-2026-27197?
CVE-2026-27197 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-27197?
Check the references section above for vendor advisories and patch information. Affected products include: Sentry Sentry.