GO-2026-4715 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/fullchain

Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/fullchain...

CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

CVE-2026-32769

From GHSA-HXM7-9Q36-C77F: a mis‑written NetworkPolicy named inter-ns‑* can let a malicious actor pivot from a subverted app to pods in other namespaces, breaking default security guarantees and enabling lateral movement. Patch: remove the inter-ns NetworkPolicy; workaround: delete matching polici...

Fullchain 访问控制错误漏洞

Fullchain is an open-source CTF competition platform developed by CTFer.io. Versions of Fullchain prior to 0.1.1 contained access control vulnerability issues. These vulnerabilities were caused by incorrect network policy configurations, and could lead to lateral movement attacks...