diff --git a/changes/v5.0.14/fix-9667.en.md b/changes/v5.0.14/fix-9667.en.md
new file mode 100644
index 000000000..4b0fe7aef
--- /dev/null
+++ b/changes/v5.0.14/fix-9667.en.md
@@ -0,0 +1 @@
+Remove possibility to set `clientid` for `/publish` and `/publish/bulk` HTTP APIs. This is to reduce the risk for security confusion.
diff --git a/changes/v5.0.14/fix-9667.zh.md b/changes/v5.0.14/fix-9667.zh.md
new file mode 100644
index 000000000..f3952ca14
--- /dev/null
+++ b/changes/v5.0.14/fix-9667.zh.md
@@ -0,0 +1 @@
+从 HTTP API /publish 和 /publish/bulk 中移除 clientid, 降低安全风险