
7 matches found

OSV
• added 2026/03/26 8:32 p.m. • 1 views

GO-2026-4718 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/chall-manager/deploy

Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace in github.com/ctfer-io/chall-manager/deploy...

CVSS 9.9 | AI score 5.9 | EPSS 0.00065
Exploits: 0 | References: 4
CVE
• added 2026/03/20 5:30 a.m. • 8 views

CVE-2026-32768

CVE-2026-32768—Summary (Chall-Manager): Chall-Manager (platform-agnostic) contained a miswritten NetworkPolicy prior to version 0.6.5, enabling a malicious actor to pivot from an instance to any Pod outside the origin namespace, creating a potential lateral movement risk. The issue is specifical...

CVSS 9.9 | AI score 5.7 | EPSS 0.00065
Exploits: 0 | References: 3 | Affected Software: 1
ATTACKERKB
• added 2026/03/20 5:30 a.m. • 2 views

CVE-2026-32768

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...

CVSS 7.9 | AI score 5.7 | EPSS 0.00065
Exploits: 0 | References: 4 | Affected Software: 1
OSV
• added 2026/03/20 5:30 a.m. • 3 views

CVE-2026-32768 Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...

CVSS 7.9 | AI score 6.2 | EPSS 0.00065
Exploits: 0 | References: 5
Github Security Blog
• added 2026/03/16 8:45 p.m. • 6 views

Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Impact: Due to a mis-written NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. In the specific case of...

CVSS 9.9 | AI score 5.8 | EPSS 0.00065
Exploits: 0 | References: 5 | Affected Software: 2
GithubExploit
• added 2025/08/22 12:37 p.m. • 182 views

Exploit for Path Traversal in Ctfer-Io Chall-Manager

CVE-2025-53632 This repository contains an exploit of CVE-2...

CVSS 9.1 | AI score 7.5 | EPSS 0.00195
Exploits: 1
Snyk
• added 2025/07/10 5:50 p.m. • 0 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview: Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) in the scenario decoding process. An attacker can cause excessive resource consumption by submitting a specially crafted zip archive that decompresses to a very large size...

CVSS 9.8 | AI score 6.9 | EPSS 0.00441
Exploits: 0 | References: 2