CVE-2026-6280

Summary

Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs.

This issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
NOMYSOFT Informatics Education and Consulting Inc.Nomysem0 <= 08072026affected

Weaknesses

  • CWE-213: CWE-213 Exposure of sensitive information due to incompatible policies

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References