CVE-2025-59934

CRITICAL

formbricks < 4.0.1 - Unauthenticated Authentication Bypass via JWT Signature Verification Missing

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-59934. PoCs published by suriryuk.

AI-analyzed exploit summary The repository contains only a minimal README with no exploit code, technical details, or functional PoC. It is a placeholder with no substantive content.

Description

Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the token’s signature, expiration, issuer, or audience. If an attacker learns the victim’s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victim’s password. This issue has been patched in version 4.0.1.

Exploits (1)

github STUB
by suriryuk · poc
https://github.com/suriryuk/cve-2025-59934

The repository contains only a minimal README with no exploit code, technical details, or functional PoC. It is a placeholder with no substantive content.

Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unknown
No auth needed
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 9.4
EPSS 0.0786
EPSS Percentile 93.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-287 CWE-345 CWE-347
Status published
Products (1)
formbricks/formbricks < 4.0.1
Published Sep 26, 2025
Tracked Since Feb 18, 2026