CVE-2026-14792
Description
A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to version 5.1.0-rc.1 will fix this issue. The identifier of the patch is af6023b5ac3b030ffcea24fac799f76f3e3512c6. You should upgrade the affected component.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
References
- https://github.com/formbricks/formbricks/
- https://github.com/formbricks/formbricks/commit/af6023b5ac3b030ffcea24fac799f76f3e3512c6
- https://github.com/formbricks/formbricks/pull/8094
- https://github.com/formbricks/formbricks/releases/tag/5.1.0-rc.1
- https://vuldb.com/cve/CVE-2026-14792
- https://vuldb.com/submit/850791
- https://vuldb.com/vuln/376386
- https://vuldb.com/vuln/376386/cti
CWEs
CWE-266 CWE-284
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.