PT-2026-25860 · Unknown+1 · Callmanager+2

Virb3 · Published 2026-03-16 · Updated 2026-03-27 · CVE-2026-32768

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Chall-Manager versions prior to 0.6.5

Description

Chall-Manager is a platform-agnostic system designed to initiate challenges on demand. In versions prior to 0.6.5, sdk/kubernetes.Kompose does not provide instance isolation: a mis-written NetworkPolicy allows a malicious actor to move laterally from one instance to any Pod outside its original namespace, which breaks the expected security-by-default behavior.

Recommendations

Update versions prior to 0.6.5 to version 0.6.5 or later. If updating is not immediately possible, the workaround is to delete any network policies prefixed with inter-ns- in the target namespace, either with the provided bash script or manually.
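The workaround above, sketched as an added example; this is not the script the advisory refers to. It assumes `kubectl` is on PATH and that the current context may list and delete NetworkPolicies in the target namespace. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not the advisory's own script). Assumes kubectl is on PATH and
# the current context may list and delete NetworkPolicies in the namespace.

# Print names of NetworkPolicies in namespace $1 that start with "inter-ns-".
list_inter_ns_policies() {
  lp_out=$(kubectl get networkpolicy -n "$1" -o name) || return 1
  # "-o name" prints "<resource>/<name>"; keep only the name, then filter.
  printf '%s\n' "$lp_out" | sed 's|^.*/||' | grep '^inter-ns-' || true
}

# remove_inter_ns_policies <namespace> [apply]
# Dry run unless the second argument is "apply". Prints the match count on
# stdout; per-policy messages go to stderr.
remove_inter_ns_policies() {
  rp_ns="$1"; rp_mode="${2:-dry-run}"; rp_count=0
  [ -n "$rp_ns" ] || { echo "usage: remove_inter_ns_policies <ns> [apply]" >&2; return 2; }
  rp_names=$(list_inter_ns_policies "$rp_ns") || return 1
  # Kubernetes object names contain no whitespace, so word splitting is safe.
  for rp_name in $rp_names; do
    rp_count=$((rp_count + 1))
    if [ "$rp_mode" = "apply" ]; then
      kubectl delete networkpolicy -n "$rp_ns" "$rp_name" >&2 || return 1
    else
      echo "would delete networkpolicy/$rp_name in namespace $rp_ns" >&2
    fi
  done
  echo "$rp_count"
}

# Command-line entry point: ./script.sh <namespace> [apply]
if [ "$#" -ge 1 ]; then
  remove_inter_ns_policies "$@"
fi
```

Run it without `apply` first to review which policies match before deleting them.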

Exploit

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2026-32768
GHSA-MW24-F3XH-J3QV
GO-2026-4718
SUSE-SU-2026:1135-1

Affected Products

Callmanager
Kompose
Kubernetes