Back to overview

CVE-2026-6280

MEDIUM
6.5
CVSS 3.1
Description
Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Metadata

CVE ID
CVE-2026-6280
State
PUBLISHED
Assigner
TR-CERT
Reserved
2026-04-14 14:24 UTC
Published
2026-07-08 08:45 UTC
Last updated
2026-07-08 08:45 UTC
Primary CWE
CWE-213
CWE-213 Exposure of sensitive information due to incompatibl…
Vendor / Product
NOMYSOFT Informatics Education and Consulting Inc. / Nomysem
Sources
cve.org  ·  NVD

Severity & Metrics

6.5 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
NOMYSOFT Informatics Education and Consulting Inc. Nomysem 0 ≤ 08072026
Weakness (CWE)
CWESourceDescription
CWE-213 cna CWE-213 Exposure of sensitive information due to incompatible policies
CVSS scores (1)
ScoreSeverityVersionSourceVector
6.5 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Back to overview