Key Takeaways
- CBSE cybersecurity flaws were identified and contain vulnerabilities in the digital grading portal
- 5 critical flaws disclosed by an independent cybersecurity researcher
- System used for exams taken by 1.8 million students in 2026
The Central Board of Secondary Education has identified vulnerabilities in its OnMark digital grading portal after issues were flagged by a teenage cybersecurity researcher. The system is used to evaluate answer sheets for one of the country’s largest school examinations, taken by 1.8 million students in 2026.
The board stated that it has been closely monitoring the platform and has addressed the reported weaknesses. Additional checks are ongoing to identify any remaining exploitable issues within the system.
CBSE Cybersecurity Flaws Highlight Risks In Digital Grading Systems
The OnMark portal, introduced in 2026, enables teachers to grade scanned copies of physical answer sheets through an online interface. The platform plays a central role in processing exam evaluations at scale, handling large volumes of student data and academic records.
Concerns emerged after students reported discrepancies between physical answer sheets and digital copies shared for re-evaluation. These reports increased scrutiny of the system’s data integrity and processing workflows.
A cybersecurity researcher disclosed 5 critical vulnerabilities in the platform, highlighting CBSE cybersecurity flaws that could have allowed unauthorized access to examiner accounts. Potential risks included manipulation of marks and disruption of the grading process.
The vulnerabilities were reported to the national incident response agency on February 25. The agency acknowledged receipt of the disclosure. The board later stated that the portal had not been compromised and that no confirmed breaches were identified during the review process.
Infrastructure Strengthening And Cybersecurity Measures Implemented
Following the disclosure, cybersecurity experts from government agencies and engineering institutions were deployed to reinforce the system. Measures included migrating the platform to a more secure environment and strengthening monitoring mechanisms.
The board confirmed that the identified issues associated with the CBSE cybersecurity flaws have been contained and that ongoing assessments are being conducted to eliminate additional risks. The focus remains on improving system resilience, access controls, and data protection mechanisms within the grading platform.
The incident highlights the cybersecurity challenges associated with digital transformation in education systems that operate at a national scale. Platforms handling academic data must manage authentication, data accuracy, and secure processing across distributed users.
The grading portal processes scanned answer sheets, making data integrity a critical component of the system. Any discrepancies between physical and digital records can affect evaluation outcomes, increasing the importance of secure data handling and verification processes.
The case also reflects the growing role of independent researchers in identifying vulnerabilities within public digital infrastructure. Early detection and disclosure of system weaknesses can support faster mitigation and reduce potential exposure to cyber risks.
As digital evaluation systems continue to expand, the need for continuous monitoring, secure architecture, and structured vulnerability management remains central to maintaining system reliability and data accuracy in light of the CBSE cybersecurity flaws.
