<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T17:31:30.449031+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/17f687aa-02f1-4080-9e89-2f1225562b93/export</id>
    <title>17f687aa-02f1-4080-9e89-2f1225562b93</title>
    <updated>2026-07-14T17:31:30.473631+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "17f687aa-02f1-4080-9e89-2f1225562b93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55881", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqldxubalv2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55881 \u0432 OpenReplay: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3212A0E7-7EBD-4826-A02C-7165682CAA85", "creation_timestamp": "2026-07-14T04:17:20.777615Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/17f687aa-02f1-4080-9e89-2f1225562b93/export"/>
    <published>2026-07-14T04:17:20.777615+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d51f4b50-c815-48ae-9017-8092e0a708c2/export</id>
    <title>d51f4b50-c815-48ae-9017-8092e0a708c2</title>
    <updated>2026-07-14T17:31:30.474967+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d51f4b50-c815-48ae-9017-8092e0a708c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mqdv3jbumv2p", "content": "Daily IT Security Digest \u2014 2026-07-11\n# Daily IT Security Digest \u2014 2026-07-11\n\n1. **Tilt HUD Multiple Vulnerabilities (CVE-2026-55884, CVSS 9.2\u20138.3)** \u2014 Tilt, the Kubernetes dev-environment tool, suffers from three critical issues in versions 0.19.5\u20130.37.3. The HUD HTTP server allows", "creation_timestamp": "2026-07-11T05:02:19.147815Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d51f4b50-c815-48ae-9017-8092e0a708c2/export"/>
    <published>2026-07-11T05:02:19.147815+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/15aba586-db71-41ea-b5f3-1139fecee7e2/export</id>
    <title>15aba586-db71-41ea-b5f3-1139fecee7e2</title>
    <updated>2026-07-14T17:31:30.475072+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "15aba586-db71-41ea-b5f3-1139fecee7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55883", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdq7ecayc2y", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55883 \u0432 Tilt: \u0443\u0433\u0440\u043e\u0437\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0430 Kubernetes\n\n\n\nhttps://kripta.biz/posts/0F56A36C-A9C3-4BB1-94EB-2B45E6FA6D29", "creation_timestamp": "2026-07-11T03:34:59.342667Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/15aba586-db71-41ea-b5f3-1139fecee7e2/export"/>
    <published>2026-07-11T03:34:59.342667+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8d71cea9-4e9f-41ed-bf4f-c3a46eda3ee0/export</id>
    <title>8d71cea9-4e9f-41ed-bf4f-c3a46eda3ee0</title>
    <updated>2026-07-14T17:31:30.475150+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8d71cea9-4e9f-41ed-bf4f-c3a46eda3ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55881", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmmtbe2t2x", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55881 \u0432 OpenReplay: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/0578550E-4312-425C-A67D-EBAF32591FF4", "creation_timestamp": "2026-07-11T02:30:56.259420Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8d71cea9-4e9f-41ed-bf4f-c3a46eda3ee0/export"/>
    <published>2026-07-11T02:30:56.259420+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/73d013b7-a43b-4f38-af1c-13a894c023c7/export</id>
    <title>73d013b7-a43b-4f38-af1c-13a894c023c7</title>
    <updated>2026-07-14T17:31:30.475224+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "73d013b7-a43b-4f38-af1c-13a894c023c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55880", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdmjdujz22s", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55880 \u0432 OpenReplay: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/B8B37B53-017E-4693-89BF-266609BA3960", "creation_timestamp": "2026-07-11T02:29:00.051683Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/73d013b7-a43b-4f38-af1c-13a894c023c7/export"/>
    <published>2026-07-11T02:29:00.051683+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/90697fed-3ee5-4973-b78d-c27404096e2e/export</id>
    <title>90697fed-3ee5-4973-b78d-c27404096e2e</title>
    <updated>2026-07-14T17:31:30.475296+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "90697fed-3ee5-4973-b78d-c27404096e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdjao6m3k23", "content": "CRITICAL: tilt-dev tilt (0.20.8 \u2013 0.37.3) is vulnerable to auth bypass (CVE-2026-55884). Remote attackers can access dev resources &amp;amp; session tokens. Upgrade to 0.37.4 now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability ...", "creation_timestamp": "2026-07-11T01:30:27.559829Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/90697fed-3ee5-4973-b78d-c27404096e2e/export"/>
    <published>2026-07-11T01:30:27.559829+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb/export</id>
    <title>e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb</title>
    <updated>2026-07-14T17:31:30.475365+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116898753740967653", "content": "CVE-2026-55884: tilt-dev tilt (0.20.8 \u2013 0.37.3) has a CRITICAL auth bypass. Exposes dev resources &amp;amp; session tokens if HUD is bound to non-loopback. Upgrade to 0.37.4 ASAP. https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability #Kubernetes #Infosec", "creation_timestamp": "2026-07-11T01:30:25.809541Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb/export"/>
    <published>2026-07-11T01:30:25.809541+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/53d63d73-856d-4e5e-b1c2-4413adaba5e7/export</id>
    <title>53d63d73-856d-4e5e-b1c2-4413adaba5e7</title>
    <updated>2026-07-14T17:31:30.475432+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "53d63d73-856d-4e5e-b1c2-4413adaba5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdgaqaa6427", "content": "CVE-2026-55884 - Tilt: Missing authentication on the network-exposed Tilt HUD server\nCVE ID : CVE-2026-55884\n \n Published : July 10, 2026, 10:16 p.m. | 16\u00a0minutes ago\n \n Description : Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.20.8 throug...", "creation_timestamp": "2026-07-11T00:36:48.076661Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/53d63d73-856d-4e5e-b1c2-4413adaba5e7/export"/>
    <published>2026-07-11T00:36:48.076661+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/23eaedae-19ec-4f75-abc3-6c53e4d43995/export</id>
    <title>23eaedae-19ec-4f75-abc3-6c53e4d43995</title>
    <updated>2026-07-14T17:31:30.475512+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "23eaedae-19ec-4f75-abc3-6c53e4d43995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55883", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdfagtiqy2i", "content": "CVE-2026-55883 - Tilt: Cross-site WebSocket hijacking of the Tilt HUD stream\nCVE ID : CVE-2026-55883\n \n Published : July 10, 2026, 10:16 p.m. | 16\u00a0minutes ago\n \n Description : Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.24.0 through 0.37.3...", "creation_timestamp": "2026-07-11T00:18:44.462730Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/23eaedae-19ec-4f75-abc3-6c53e4d43995/export"/>
    <published>2026-07-11T00:18:44.462730+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5c893554-9432-4c60-bc31-e6a1590d8c45/export</id>
    <title>5c893554-9432-4c60-bc31-e6a1590d8c45</title>
    <updated>2026-07-14T17:31:30.475585+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5c893554-9432-4c60-bc31-e6a1590d8c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55885", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdd6ldysy2i", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55885 \u0432 Grav: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0432\u0435\u0431-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\n\n\n\nhttps://kripta.biz/posts/E610A8EB-CBC8-46D1-9407-FA996311BB68", "creation_timestamp": "2026-07-10T23:41:55.663887Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5c893554-9432-4c60-bc31-e6a1590d8c45/export"/>
    <published>2026-07-10T23:41:55.663887+00:00</published>
  </entry>
</feed>
