Sentry · Sentry · CVE-2026-26004
**Name of the Vulnerable Software and Affected Versions**
Sentry versions prior to 26.1.0
**Description**
Sentry is a developer-first error tracking and performance monitoring tool. Versions prior to 26.1.0 have a cross-organization Insecure Direct Object Reference (IDOR) issue in the `GroupEventJsonView` endpoint. An Insecure Direct Object Reference occurs when an application uses user-supplied input to directly access objects, potentially allowing unauthorized access to data.
**Recommendations**
Update to version 26.1.0 or later.