PatchSiren

HdrHistogram CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW HdrHistogram CVE published 2026-07-04

CVE-2026-14683

CVE-2026-14683 is a vulnerability detected in HdrHistogram up to 2.2.2. The issue affects the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer in the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results in uncontrolled memory allocation. The attack needs to be approached locally. The exploit is now public [truncated]