A 16-year-old cybersecurity researcher has flagged a major data security issue on the JEE Advanced 2026 results website, prompting a swift response from the organising institute, IIT Roorkee.
Rylen Anil (@DarthKermy72747) claimed that the JEE Advanced 2026 candidate result infrastructure had a public cloud storage misconfiguration that exposed large volumes of candidate data without authentication.
IIT Roorkee acknowledged the issue and initiated corrective action, assuring that the data stored was read-only and could not be altered.
The disclosure comes at a time when concerns over examination technology systems are already under scrutiny, following a series of technical glitches, cyberattacks, and administrative shake-ups in the CBSE's verification portal.
