PatchSiren

Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CVE published 2026-02-10

CVE-2025-6967

A high-severity vulnerability, CVE-2025-6967, was found in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS. This Execution After Redirect (EAR) vulnerability enables JSON Hijacking (also known as JavaScript Hijacking) and Authentication Bypass. The affected product is CMS, up to version 10022026. The vendor, Sarman Soft, was notified but did not respond. The vulnerability was [truncated]