993 matches found
EUVD-2026-14461
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-32768 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...
CVE-2026-32768 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...
CVE-2026-32768
CVE-2026-32768—Summary (Chall-Manager) : Chall-Manager (platform-agnostic) contained a miswritten NetworkPolicy prior to version 0.6.5, enabling a malicious actor to pivot from an instance to any Pod outside the origin namespace, creating a potential lateral movement risk. The issue is specifical...
CVE-2026-32768 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...
CVE-2026-32769
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...
CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...
CVE-2026-32769
Fullchain (github.com/ctfer-io/fullchain) is affected prior to version 0.1.1 due to a mis-written inter-namespace NetworkPolicy that allows a subverted application to pivot to pods outside the origin namespace, enabling lateral movement. The issue has been fixed in version 0.1.1. Workaround: dele...
CVE-2026-32769 Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...
CVE-2026-32769
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...
Chall-Manager 访问控制错误漏洞
Chall-Manager is an open-source project developed by CTFer.io. Versions of Chall-Manager prior to 0.6.5 contained a access control vulnerability, which was caused by incorrect network policy configurations. This vulnerability could lead to lateral movement...
Fullchain 访问控制错误漏洞
Fullchain is an open-source CTF competition platform developed by CTFer.io. Versions of Fullchain prior to 0.1.1 contained access control vulnerability issues. These vulnerabilities were caused by incorrect network policy configurations, and could lead to lateral movement attacks...
CVE-2026-32737
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
CVE-2026-32737 Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
CVE-2026-32737
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
CVE-2026-32737 Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
EUVD-2026-12999
Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod...
Romeo 访问控制错误漏洞
Romeo is an open-source Go application code coverage calculation tool developed by CTFer.io. Versions of Romeo prior to 0.2.1 contained a access control vulnerability, which was caused by improper network policy configuration and could lead to lateral movement...
Why East-West Visibility Matters for Grid Security
Learn how east-west traffic visibility helps detect and stop lateral movement attacks inside electric grid infrastructure and critical OT networks...
GHSA-HXM7-9Q36-C77F Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. Patch Removing the inter-ns...