<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T09:59:06.758819+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d51f4b50-c815-48ae-9017-8092e0a708c2/export</id>
    <title>d51f4b50-c815-48ae-9017-8092e0a708c2</title>
    <updated>2026-07-12T09:59:06.781750+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d51f4b50-c815-48ae-9017-8092e0a708c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mqdv3jbumv2p", "content": "Daily IT Security Digest \u2014 2026-07-11\n# Daily IT Security Digest \u2014 2026-07-11\n\n1. **Tilt HUD Multiple Vulnerabilities (CVE-2026-55884, CVSS 9.2\u20138.3)** \u2014 Tilt, the Kubernetes dev-environment tool, suffers from three critical issues in versions 0.19.5\u20130.37.3. The HUD HTTP server allows", "creation_timestamp": "2026-07-11T05:02:19.147815Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d51f4b50-c815-48ae-9017-8092e0a708c2/export"/>
    <published>2026-07-11T05:02:19.147815+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/90697fed-3ee5-4973-b78d-c27404096e2e/export</id>
    <title>90697fed-3ee5-4973-b78d-c27404096e2e</title>
    <updated>2026-07-12T09:59:06.784588+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "90697fed-3ee5-4973-b78d-c27404096e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdjao6m3k23", "content": "CRITICAL: tilt-dev tilt (0.20.8 \u2013 0.37.3) is vulnerable to auth bypass (CVE-2026-55884). Remote attackers can access dev resources &amp;amp; session tokens. Upgrade to 0.37.4 now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability ...", "creation_timestamp": "2026-07-11T01:30:27.559829Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/90697fed-3ee5-4973-b78d-c27404096e2e/export"/>
    <published>2026-07-11T01:30:27.559829+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb/export</id>
    <title>e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb</title>
    <updated>2026-07-12T09:59:06.784729+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116898753740967653", "content": "CVE-2026-55884: tilt-dev tilt (0.20.8 \u2013 0.37.3) has a CRITICAL auth bypass. Exposes dev resources &amp;amp; session tokens if HUD is bound to non-loopback. Upgrade to 0.37.4 ASAP. https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability #Kubernetes #Infosec", "creation_timestamp": "2026-07-11T01:30:25.809541Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb/export"/>
    <published>2026-07-11T01:30:25.809541+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/53d63d73-856d-4e5e-b1c2-4413adaba5e7/export</id>
    <title>53d63d73-856d-4e5e-b1c2-4413adaba5e7</title>
    <updated>2026-07-12T09:59:06.784846+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "53d63d73-856d-4e5e-b1c2-4413adaba5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdgaqaa6427", "content": "CVE-2026-55884 - Tilt: Missing authentication on the network-exposed Tilt HUD server\nCVE ID : CVE-2026-55884\n \n Published : July 10, 2026, 10:16 p.m. | 16\u00a0minutes ago\n \n Description : Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.20.8 throug...", "creation_timestamp": "2026-07-11T00:36:48.076661Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/53d63d73-856d-4e5e-b1c2-4413adaba5e7/export"/>
    <published>2026-07-11T00:36:48.076661+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/699bad25-90cd-42d7-8259-0b046e8e3a15/export</id>
    <title>699bad25-90cd-42d7-8259-0b046e8e3a15</title>
    <updated>2026-07-12T09:59:06.784948+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "699bad25-90cd-42d7-8259-0b046e8e3a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqd6f43taq2v", "content": "CVE-2026-55884 - tilt-dev\nA security issue in the Tilt HUD server allows network attackers to access sensitive information and control the Tilt environment. This is because the server does not require\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#tiltdev #Golang #CVE #infosec", "creation_timestamp": "2026-07-10T22:16:04.773409Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/699bad25-90cd-42d7-8259-0b046e8e3a15/export"/>
    <published>2026-07-10T22:16:04.773409+00:00</published>
  </entry>
</feed>
