CVE-2026-47825
Awaiting Analysis
Awaiting Analysis - Queue
Header Injection in Spring Cloud Gateway Server
Vulnerability report for CVE-2026-47825, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-15
Last updated on: 2026-06-23
Assigner: VMware
Description
Description
Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers.
Affected versions:
Spring Cloud Gateway 3.1.x (fix 3.1.13).
Spring Cloud Gateway 4.1.x (fix 4.1.13).
Spring Cloud Gateway 4.2.x (fix 4.2.9).
Spring Cloud Gateway 4.3.x (fix 4.3.5).
Spring Cloud Gateway 5.0.x (fix 5.0.2).
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vmware | spring_cloud_gateway | to 3.1.13 (inc) |
| vmware | spring_cloud_gateway | to 4.1.13 (inc) |
| vmware | spring_cloud_gateway | to 4.2.9 (inc) |
| vmware | spring_cloud_gateway | to 4.3.5 (inc) |
| vmware | spring_cloud_gateway | to 5.0.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-346 | The product does not properly verify that the source of data or communication is valid. |