CVE-2026-6280
MEDIUM
6.5
CVSS 3.1
Description
Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metadata
Severity & Metrics
6.5
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| NOMYSOFT Informatics Education and Consulting Inc. | Nomysem | — | 0 ≤ 08072026 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-213 | cna | CWE-213 Exposure of sensitive information due to incompatible policies |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 6.5 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |