A vulnerability classified as problematic has been found in tilt-dev Tilt up to 0.37.3. Affected by this issue is the function
upgradeWebSocket of the file /ws/view of the component WebSocket Upgrader. This manipulation of the argument Origin causes cross-site request forgery.
The identification of this vulnerability is CVE-2026-55883. It is possible to initiate the attack remotely. There is no exploit available.