3 min readNew DelhiUpdated: May 31, 2026 02:55 PM IST
The Central Board of Secondary Education (CBSE) has acknowledged for the first time that cybersecurity vulnerabilities in the OnMark portal — its On-Screen Marking (OSM) system used to evaluate Class 12 answer sheets — had been flagged in the public domain, and confirmed that an expert team has been deployed to secure the platform. The board’s statement, posted on its official X handle, comes amid a controversy that has drawn political fire, raised questions about student evaluation, and put the spotlight on the company behind the platform.
In its post, CBSE stated that it had been ‘closely monitoring the vulnerabilities in the OnMark portal’ and that a team of cybersecurity professionals drawn from ‘various arms of the government as well as the IITs’ had been deployed over the last few days to fortify the system.
The board added that ‘identified vulnerabilities have been contained’ and that other exploitable weaknesses were being ruled out. CBSE also thanked ethical hackers and alert citizens for flagging the issues, saying it had gotten in touch with some of them directly, and invited others to write to secy-cbse@nic.in.
We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain. An expert team of cybersecurity professionals has been deployed over the last few days from across various arms of the government as well…
— CBSE HQ (@cbseindia29) May 31, 2026
What has happened?
The disclosure trail began when Nisarga Adhikary noticed that the OnMark portal link was completely public and allegedly began reading the JavaScript code the browser was downloading. He reported what he found to CERT on the same day.
Adhikary, in his posts, said that he found several critical vulnerabilities in the OSM portal that could lead to full account takeover of examiner accounts. He subsequently published a detailed blog post laying out his findings after weeks of what he described as inadequate official response.
On the other hand, CBSE is considering imposing a financial penalty on Hyderabad-based vendor Coempt Edutech Pvt Ltd handling its new On-Screen Marking (OSM) system, after thousands of blurred answer-book scans and multiple cases of mismatched answer sheets were found during this year’s Class 12 board evaluation process, The Indian Express has learnt.
Sources said the CBSE has identified 5,000 blurred answer-book scans so far and 23 cases where students received scanned copies belonging to another candidate’s answer sheet.
It was the first time the fully digital evaluation system was used by the CBSE for Class 12 results, involving over 98 lakh answer books belonging to over 18 lakh students.
Story continues below this ad
Official sources told The Indian Express on Thursday that a CBSE committee will assess the extent of the scanning errors and determine the penalty amount based on the number of affected answer books.