Summary: A critical vulnerability in the SAML single sign-on (SSO) implementation of the Sentry platform could have allowed attackers to hijack user accounts. Tracked as CVE-2025-22146 with a CVSS score of 9.1, the flaw was due to improper authentication, enabling malicious actors to impersonate users on shared instances. Sentry has released a patch in version 25.1.0 to address this vulnerability, urging users to upgrade promptly.
Threat Actor: Malicious actors
Victim: Sentry users
Key points:
- Vulnerability tracked as CVE-2025-22146 with a CVSS score of 9.1.
- Attackers could impersonate users by exploiting improper authentication in SAML SSO.
- Users are urged to upgrade to version 25.1.0 or later to mitigate risks.