PT-2026-25399 · Unknown · Ctfer.Io Monitoring

Virb3 · Published 2026-03-13 · Updated 2026-03-30 · CVE-2026-32720

CVSS v4.0: 7.1 (High)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions

CTFer.io Monitoring versions prior to 0.2.1

Description

The CTFer.io Monitoring component handles the collection, processing, and storage of signals like logs, metrics, and distributed traces. A misconfigured NetworkPolicy allows a malicious actor to move laterally from one component to any other namespace. This compromises the expected security-by-default behavior of the deployment. The issue results in a potential lateral movement within the system.

Recommendations

Versions prior to 0.2.1: Remove the inter-ns NetworkPolicy to address the issue. If updates are not immediately feasible, manually delete the network policy prefixed with inter-ns- in the monitoring namespace. The following command can be used to delete all matching network policies:

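```bash
# Walk every namespace whose name starts with "monitoring-"
for ns in $(kubectl get ns -o jsonpath='{.items[*].metadata.name}' | tr ' ' '\n' | grep '^monitoring-'); do
  # Delete each NetworkPolicy in that namespace whose name starts with "inter-ns-"
  kubectl -n "$ns" get networkpolicy -o name \
    | grep '^networkpolicy.networking.k8s.io/inter-ns-' \
    | xargs -r kubectl -n "$ns" delete
done
```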
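
A read-only audit for the same policies, useful before and after running the deletion loop (added example, not from the advisory or the CTFer.io project). The function names and the sample listing are constructed for illustration; the namespace pattern defaults to the `^monitoring-` used by the loop above and can be overridden when the deployment's namespace is named differently.

```bash
#!/usr/bin/env bash
# Added example: report inter-ns-* NetworkPolicies without deleting anything.

# Reads "NAMESPACE NAME" lines on stdin and prints "namespace/name" for each
# policy the advisory's loop would delete.
# $1: namespace regex (default: ^monitoring-, as in the advisory's command)
filter_inter_ns() {
  awk -v ns_re="${1:-^monitoring-}" \
    '$1 ~ ns_re && $2 ~ /^inter-ns-/ { print $1 "/" $2 }'
}

# Queries the live cluster. Returns 0 if clean, 1 if a matching policy
# remains, 2 if kubectl itself failed (so a failed query never reads as clean).
audit_inter_ns() {
  local listing hits
  listing=$(kubectl get networkpolicy -A --no-headers \
    -o custom-columns=NS:.metadata.namespace,NAME:.metadata.name) || return 2
  hits=$(printf '%s\n' "$listing" | filter_inter_ns "${1:-}")
  if [ -n "$hits" ]; then
    printf 'inter-ns NetworkPolicy still present:\n%s\n' "$hits" >&2
    return 1
  fi
  return 0
}

# Constructed sample listing (namespace and policy names are made up) showing
# what the filter selects and what it leaves alone.
SAMPLE='monitoring-prod inter-ns-otel
monitoring-prod default-deny
monitoring-dev inter-ns-prometheus
ctf-challenges inter-ns-otel
monitoring inter-ns-otel'

printf '%s\n' "$SAMPLE" | filter_inter_ns
```

With the default pattern, a namespace named exactly `monitoring` is not matched; calling `audit_inter_ns '^monitoring'` widens the check to cover it.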

Exploit

Fix

Improper Access Control

Weakness Enumeration

Related identifiers

CVE-2026-32720
GHSA-7X23-J8GV-V54X
GO-2026-4701
SUSE-SU-2026:1135-1

Affected products

Ctfer.Io Monitoring