CVE-2026-52794

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published Jun 24, 2026

Vendor unknown

Description

Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume disproportionate CPU time. This vulnerability is fixed in 26.5.2.

References

https://github.com/getsentry/sentry/pull/116587
https://github.com/getsentry/sentry/security/advisories/GHSA-jjqr-wqg2-p856