Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
Fullchain CTF Platform: Unsecured Lateral Movement in Older Versions
CVE-2026-32769
Summary
Fullchain's CTF platform versions before 0.1.1 allow an attacker to move between parts of a system they shouldn't have access to. This could lead to unauthorized access to sensitive data or disruption of the system. To fix this, update to version 0.1.1 or delete a specific network policy in the target namespace.
Original title
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application...
Original description
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. This issue has been fixed in version 0.1.1. To workaround, delete the failing network policy that should be prefixed by inter-ns- in the target namespace.
nvd CVSS4.0
7.1
Vulnerability type
CWE-284
Improper Access Control
Published: 20 Mar 2026 · Updated: 20 Mar 2026 · First seen: 20 Mar 2026