Description

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals (i.e. logs, metrics and distributed traces). Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. This vulnerability is fixed in 0.2.1.

INFO

Published Date :

2026-03-13T21:27:52.824Z

Last Modified :

2026-03-16T16:42:54.043Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-32720 vulnerability.

Vendors Products
Ctfer-io
  • Monitoring
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-32720.

URL Resource
https://github.com/ctfer-io/monitoring/security/advisories/GHSA-7x23-j8gv-v54x cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability