๐Ÿ” CVE Alert

CVE-2026-14685

LOW 3.3

HdrHistogram AbstractHistogram AbstractHistogram.java recordValueWithCount state issue

CVSS Score
3.3
EPSS Score
0.0%
EPSS Percentile
0th

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

CWE CWE-371
Vendor n/a
Product hdrhistogram
Published Jul 4, 2026
Stay Ahead of the Next One

Get instant alerts for n/a hdrhistogram

Be the first to know when new low vulnerabilities affecting n/a hdrhistogram are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

n/a / HdrHistogram
2.2.0 2.2.1 2.2.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/376281 vuldb.com: https://vuldb.com/vuln/376281/cti vuldb.com: https://vuldb.com/cve/CVE-2026-14685 vuldb.com: https://vuldb.com/submit/846761 github.com: https://github.com/HdrHistogram/HdrHistogram/issues/221 github.com: https://github.com/HdrHistogram/HdrHistogram/

Credits

๐Ÿ” sara11h (VulDB User) VulDB CNA Team