CVE-2026-32720
Improper Access Control in github.com/ctfer-io/monitoring
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals (i.e. logs, metrics and distributed traces). Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. This vulnerability is fixed in 0.2.1.
| CWE | CWE-284 |
| Vendor | ctfer-io |
| Product | monitoring |
| Published | Mar 13, 2026 |
| Last Updated | Mar 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for ctfer-io monitoring
Be the first to know when new unknown vulnerabilities affecting ctfer-io monitoring are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
ctfer-io / monitoring
< 0.2.1