CVE-2026-14792 PUBLISHED

Formbricks Survey actions.ts access control

Assigner: VulDB
Reserved: 05.07.2026 Published: 06.07.2026 Updated: 06.07.2026

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to version 5.1.0-rc.1 will fix this issue. The identifier of the patch is af6023b5ac3b030ffcea24fac799f76f3e3512c6. You should upgrade the affected component.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
CVSS Score: 6.9

Product Status

Vendor n/a
Product Formbricks
Versions
  • Version 5.0.0 is affected
  • Version 5.1.0-rc.1 is unaffected

Credits

  • geochen (VulDB User) reporter

References

Problem Types

  • Improper Access Controls CWE
  • Incorrect Privilege Assignment CWE