Home

Description

Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED Reserved 2026-04-14 | Published 2026-07-08 | Updated 2026-07-08 | Assigner TR-CERT




MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-213 Exposure of sensitive information due to incompatible policies

Product status

Default status
unknown

Any version
affected

Credits

Fatih AKTÜRK finder

References

siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0516 government-resource

cve.org (CVE-2026-6280)

nvd.nist.gov (CVE-2026-6280)

Download JSON