GO-2026-4715 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/fullchain

Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/fullchain...

CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

CVE-2026-32769

Fullchain (github.com/ctfer-io/fullchain) is affected prior to version 0.1.1 due to a mis-written inter-namespace NetworkPolicy that allows a subverted application to pivot to pods outside the origin namespace, enabling lateral movement. The issue has been fixed in version 0.1.1. Workaround: dele...

CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

Fullchain 访问控制错误漏洞

Fullchain is an open-source CTF competition platform developed by CTFer.io. Versions of Fullchain prior to 0.1.1 contained access control vulnerability issues. These vulnerabilities were caused by incorrect network policy configurations, and could lead to lateral movement attacks...