Vulnerabilities3 min read
Sentry SAML Flaw Lets Attackers Hijack Any Account—No Password Needed
CVE-2026-42354 (CVSS 9.1) allows attackers to take over any Sentry user account via malicious SAML IdP. Patch to version 26.4.1 immediately.
Marcus ChenMay 9, 2026