A vulnerability, which was classified as problematic, was found in HdrHistogram up to 2.2.2. This vulnerability affects the function
recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue.
This vulnerability is referenced as CVE-2026-14685. The attack can only be performed from a local environment. Furthermore, an exploit is available.
The project was informed of the problem early through an issue report but has not responded yet.