LOW
HdrHistogram
CVE published 2026-07-04
CVE-2026-14683
CVE-2026-14683 is a vulnerability detected in HdrHistogram up to 2.2.2. The issue affects the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer in the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results in uncontrolled memory allocation. The attack needs to be approached locally. The exploit is now public [truncated]