Threat Advisory

Tilt Vulnerabilities Interact Via HUD Execution Gateway

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical


EXECUTIVE SUMMARY:

Three vulnerabilities have been uncovered in Tilt, the local Kubernetes development tool. The flaws include missing authentication on the HUD HTTP server, cross-site WebSocket hijacking, and unauthenticated pprof debug endpoints that expose process memory. An attacker with network access to a non-loopback HUD listener can trigger arbitrary Tiltfile resources, read or alter configuration, and steal session and cluster tokens, effectively compromising developer workstations and downstream Kubernetes clusters. The risk is high for teams exposing the HUD to any network.

CVE-2026-55884 with a CVSS score of 9.2 – The HUD HTTP server lacks authentication, allowing any network‑reachable client to invoke state‑changing endpoints, set arbitrary Tiltfile arguments, and read the session token. Exploitation requires the HUD to be bound to a non‑loopback address and reachable over port 10350.

CVE-2026-55883 with a CVSS score of 8.3 – The WebSocket endpoint permits connections without proper Origin validation and uses a globally shared CSRF token, enabling an unauthenticated attacker to open the HUD stream and capture the developer’s session state. Prerequisite is the same non‑loopback exposure.

CVE-2026-55882 with a CVSS score of 8.3 – Unprotected /debug pprof endpoints expose process memory and tokens to any caller, allowing extraction of credentials and performance degradation via profiling. Attackers need only network reachability to the HUD listener.
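The Go example below is added here and is not Tilt's code; it shows the two server-side checks that close the WebSocket and pprof exposure classes described above: exact-match Origin validation before a WebSocket upgrade, and restricting /debug/pprof to loopback clients. Port 10350 comes from the advisory; the allowed origin hosts and handler paths are assumptions.

```go
package main

import (
	"net"
	"net/http"
	"net/http/pprof"
	"net/url"
)

// Assumed allow-list of origins permitted to open the HUD WebSocket.
// Entries are compared as scheme://host[:port], so a foreign site that
// merely embeds the HUD's port number does not match.
var allowedOrigins = map[string]bool{
	"http://localhost:10350": true,
	"http://127.0.0.1:10350": true,
}

// OriginAllowed accepts only a present, well-formed Origin that matches the
// allow-list exactly. A missing or unparsable Origin is rejected, which is the
// check a cross-site WebSocket hijack relies on the server not performing.
func OriginAllowed(origin string) bool {
	u, err := url.Parse(origin)
	if origin == "" || err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	return allowedOrigins[u.Scheme+"://"+u.Host]
}

// IsLoopback reports whether a request's RemoteAddr is 127.0.0.0/8 or ::1.
func IsLoopback(remoteAddr string) bool {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return false
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// LoopbackOnly gates a handler so the profiler is unreachable over the network
// even if the listener itself is bound to a non-loopback address by mistake.
func LoopbackOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !IsLoopback(r.RemoteAddr) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	mux := http.NewServeMux()
	mux.Handle("/debug/pprof/", LoopbackOnly(http.HandlerFunc(pprof.Index)))
	mux.HandleFunc("/ws", func(w http.ResponseWriter, r *http.Request) {
		if !OriginAllowed(r.Header.Get("Origin")) {
			http.Error(w, "bad origin", http.StatusForbidden)
			return
		}
		// WebSocket upgrade would follow here (assumed, omitted).
	})
	_ = http.ListenAndServe("127.0.0.1:10350", mux) // bind to loopback only
}
```

Binding to 127.0.0.1 is the primary control; the two handler checks are defence in depth for the case the advisory describes, where the HUD ends up on a non-loopback address.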

RECOMMENDATION:

  • We recommend updating github.com/tilt-dev/tilt to version 0.37.4 or later.


REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-c73q-8xxr-rgqm
https://github.com/advisories/GHSA-6m68-r693-78qx
https://github.com/advisories/GHSA-p749-9w62-w533
