Is CVE-2026-52794 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-52794?

CVE-2026-52794 has a CVSS v3 severity of HIGH (7.5).

Back

CVE-2026-52794

Description

Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume disproportionate CPU time. This vulnerability is fixed in 26.5.2.