PT-2026-25861 · Fullchain · Fullchain
Virb3 · Published 2026-03-16 · Updated 2026-03-27
CVE-2026-32769
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fullchain versions prior to 0.1.1
Description
Fullchain is a platform for deploying CTF (Capture The Flag) environments. A misconfigured NetworkPolicy allows a malicious actor to move laterally from a compromised application to any Pod in a different namespace. This breaks the expected security-by-default behavior of the deployment program. The flawed NetworkPolicy is identified as inter-ns. This issue does not involve any known real-world incidents or a specific number of affected devices.
Recommendations
Versions prior to 0.1.1 should be updated to version 0.1.1.
As a workaround, delete the failing inter-ns- prefixed NetworkPolicy in the target namespace.
Alternatively, use the provided bash script to delete all matching network policies, but proceed with caution and consider manual deletion if unsure of the outcome.
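To support the manual-deletion route, the following added example (not the bash script the advisory refers to, and not Fullchain's own code) turns a NetworkPolicy listing into a deletion plan that can be reviewed before anything is run. The function names, sample namespaces and sample policy names are assumptions made up for illustration; only the inter-ns- prefix comes from the advisory.

```shell
#!/usr/bin/env bash
# Added example (not the script the advisory refers to): build a reviewable
# deletion plan for NetworkPolicies whose name starts with "inter-ns-".
# Feed it "NAMESPACE NAME" pairs, for instance from:
#   kubectl get networkpolicy -A --no-headers \
#     -o custom-columns=NS:.metadata.namespace,NAME:.metadata.name

LC_ALL=C             # make the a-z range below byte-wise
PREFIX="inter-ns-"   # prefix named in the advisory's workaround

# Constructed sample input; namespaces and policy names are made up.
sample_policies() {
  cat <<'EOF'
ctf-team-a inter-ns-web
ctf-team-a default-deny
ctf-team-b inter-ns-db
ctf-team-b allow-inter-ns-dns
kube-system inter-ns
ctf-team-a inter-ns-bad_name
EOF
}

# plan_inter_ns_cleanup [TARGET_NAMESPACE]
# Prints one "kubectl delete" line per matching policy and executes nothing.
plan_inter_ns_cleanup() {
  target="${1:-}"
  while read -r ns name rest; do
    # Skip blank or single-column lines.
    if [ -z "$ns" ] || [ -z "$name" ]; then continue; fi
    # Skip names with characters outside lowercase letters, digits, '.' and
    # '-', so every printed command is safe to paste into a shell.
    case "$ns$name" in *[!a-z0-9.-]*) continue ;; esac
    # Optional restriction to one namespace.
    if [ -n "$target" ] && [ "$ns" != "$target" ]; then continue; fi
    # Prefix match only: "allow-inter-ns-dns" and bare "inter-ns" are left alone.
    case "$name" in
      "$PREFIX"*) printf 'kubectl delete networkpolicy %s -n %s\n' "$name" "$ns" ;;
    esac
  done
}

# Print the plan for the constructed sample.
sample_policies | plan_inter_ns_cleanup
```

Passing a namespace as the first argument limits the plan to that namespace, which matches the workaround's "in the target namespace" wording.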
Weakness Enumeration
Improper Access Control
Affected Products
Fullchain