CVE Vulnerabilities

CVE-2026-14685

Published: Jul 05, 2026 | Modified: Jul 16, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
3.3 LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The existence of this vulnerability is still disputed at present. This issue is disputed due to the potential lack of crossing of security boundaries and the pre-requisites for a successful attack.

Affected Software

NameVendorStart VersionEnd Version
Red Hat Hardened ImagesRedHatnetavark-main-2.0.0-1.hum1*
Red Hat Hardened ImagesRedHatrust-main-1.96.1-1.hum1*
HdrhistogramUbuntuquesting*

References