CVE-2026-14686
HdrHistogram Range Check DoubleHistogram.java org.HdrHistogram.DoubleHistogram.recordValue comparison
CVSS Score
3.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack is only possible with local access. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
| CWE | CWE-697 |
| Vendor | n/a |
| Product | hdrhistogram |
| Published | Jul 5, 2026 |
Stay Ahead of the Next One
Get instant alerts for n/a hdrhistogram
Be the first to know when new low vulnerabilities affecting n/a hdrhistogram are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
n/a / HdrHistogram
2.2.0 2.2.1 2.2.2
References
vuldb.com: https://vuldb.com/vuln/376282 vuldb.com: https://vuldb.com/vuln/376282/cti vuldb.com: https://vuldb.com/cve/CVE-2026-14686 vuldb.com: https://vuldb.com/submit/846762 github.com: https://github.com/HdrHistogram/HdrHistogram/issues/222 github.com: https://github.com/HdrHistogram/HdrHistogram/
Credits
๐ sara11h (VulDB User) VulDB CNA Team