{"vulnerability": "CVE-2026-55884", "sightings": [{"uuid": "699bad25-90cd-42d7-8259-0b046e8e3a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqd6f43taq2v", "content": "CVE-2026-55884 - tilt-dev\nA security issue in the Tilt HUD server allows network attackers to access sensitive information and control the Tilt environment. This is because the server does not require\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#tiltdev #Golang #CVE #infosec", "creation_timestamp": "2026-07-10T22:16:04.773409Z"}, {"uuid": "53d63d73-856d-4e5e-b1c2-4413adaba5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdgaqaa6427", "content": "CVE-2026-55884 - Tilt: Missing authentication on the network-exposed Tilt HUD server\nCVE ID : CVE-2026-55884\n \n Published : July 10, 2026, 10:16 p.m. | 16\u00a0minutes ago\n \n Description : Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.20.8 throug...", "creation_timestamp": "2026-07-11T00:36:48.076661Z"}, {"uuid": "e9d695c0-e2a5-4fe3-88e6-bc05a16ed5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116898753740967653", "content": "CVE-2026-55884: tilt-dev tilt (0.20.8 \u2013 0.37.3) has a CRITICAL auth bypass. Exposes dev resources &amp; session tokens if HUD is bound to non-loopback. Upgrade to 0.37.4 ASAP. https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability #Kubernetes #Infosec", "creation_timestamp": "2026-07-11T01:30:25.809541Z"}, {"uuid": "90697fed-3ee5-4973-b78d-c27404096e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55884", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdjao6m3k23", "content": "CRITICAL: tilt-dev tilt (0.20.8 \u2013 0.37.3) is vulnerable to auth bypass (CVE-2026-55884). Remote attackers can access dev resources &amp; session tokens. Upgrade to 0.37.4 now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-55884-cwe-306-missing-authentication-for--2fea89f00bf19b8f #OffSeq #Vulnerability ...", "creation_timestamp": "2026-07-11T01:30:27.559829Z"}, {"uuid": "d51f4b50-c815-48ae-9017-8092e0a708c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55884", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mqdv3jbumv2p", "content": "Daily IT Security Digest \u2014 2026-07-11\n# Daily IT Security Digest \u2014 2026-07-11\n\n1. **Tilt HUD Multiple Vulnerabilities (CVE-2026-55884, CVSS 9.2\u20138.3)** \u2014 Tilt, the Kubernetes dev-environment tool, suffers from three critical issues in versions 0.19.5\u20130.37.3. The HUD HTTP server allows", "creation_timestamp": "2026-07-11T05:02:19.147815Z"}]}