Everything to know about CBSE’s 2026 evaluation crisis: a timeline

CBSE’s official press release can be accessed here.

The Central Board of Secondary Education (CBSE) has filed a formal complaint with Delhi Police over a 3.8 million-packet cyberattack on its Class 12 re-evaluation portal, the latest turn in a crisis that began when the board moved evaluation to a fully digital system this year. CBSE says its databases stayed secure. Days earlier, it had acknowledged security flaws in the same system, more than three months after a researcher first reported them and a week after he publicly demonstrated full access to its servers.

The crisis now spans low results, demonstrated security flaws, a whistleblower’s tender-rigging allegations, and two senior officials transferred. Here is how it unfolded.

• February 12, 2026: OSM introduced. CBSE announced that Class 12 answer scripts would be scanned and evaluated digitally under On-Screen Marking (OSM), with teachers grading remotely, to cut totalling errors and speed up results. At the same time, it discontinued post-result verification of marks for Class 12. Class 10 evaluation remained paper-based.
• February to April 2026: exams held. CBSE conducted the Class 12 board exams from February 17 to April 10, with nearly 18 lakh students registered for the cycle. All answer sheets were evaluated under OSM for the first time.
• Late February 2026: vulnerabilities flagged to CERT-In. Cybersecurity researcher Nisarga Adhikary, who had just completed Class 12, reported security vulnerabilities in the OSM portal to the Indian Computer Emergency Response Team (CERT-In) shortly after February 25. He said he received a templated acknowledgement and never heard back despite follow-ups.
• March 16, 2026: teachers warned. In a circular, CBSE warned Class 10 and 12 evaluators of legal action for sharing “misleading” information about the marking process on social media, calling the evaluation confidential. Several concerns raised by teachers later proved to be well-founded.
• May 13, 2026: results disappoint. CBSE declared the Class 12 results with an overall pass percentage of 85.20%, down over three points from 88.39% in 2025. Students reported unexpectedly low marks, blurred scans, and unmarked answers. One student, Vedant Shrivastava, said the Physics answer sheet CBSE uploaded for him was not his at all, and the board sent the correct one only after his post went viral. More than 1.63 lakh students were placed in the compartment category.
• May 22, 2026: vulnerabilities go public. Adhikary published a blog detailing security flaws in the OSM portal after CERT-In failed to act on issues he had flagged months earlier. Among them were a master password stored in plain text in the site’s code, login verification that ran in the user’s browser rather than on CBSE’s servers, internal pages accessible without authentication, and a flaw that allowed anyone to reset an examiner’s password without knowing the existing one. Together, he said, these…