CVE-2026-47825
Awaiting Analysis Awaiting Analysis - Queue

Header Injection in Spring Cloud Gateway Server

Vulnerability report for CVE-2026-47825, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-15

Last updated on: 2026-06-23

Assigner: VMware

Description

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers. Affected versions: Spring Cloud Gateway 3.1.x (fix 3.1.13). Spring Cloud Gateway 4.1.x (fix 4.1.13). Spring Cloud Gateway 4.2.x (fix 4.2.9). Spring Cloud Gateway 4.3.x (fix 4.3.5). Spring Cloud Gateway 5.0.x (fix 5.0.2).

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-15
Last Modified
2026-06-23
Generated
2026-07-06
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-04
NVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
vmware spring_cloud_gateway to 3.1.13 (inc)
vmware spring_cloud_gateway to 4.1.13 (inc)
vmware spring_cloud_gateway to 4.2.9 (inc)
vmware spring_cloud_gateway to 4.3.5 (inc)
vmware spring_cloud_gateway to 5.0.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-346 The product does not properly verify that the source of data or communication is valid.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, you should upgrade your Spring Cloud Gateway to a fixed version. The affected versions and their fixed releases are:

  • Spring Cloud Gateway 3.1.x - upgrade to 3.1.13 or later
  • Spring Cloud Gateway 4.1.x - upgrade to 4.1.13 or later
  • Spring Cloud Gateway 4.2.x - upgrade to 4.2.9 or later
  • Spring Cloud Gateway 4.3.x - upgrade to 4.3.5 or later
  • Spring Cloud Gateway 5.0.x - upgrade to 5.0.2 or later
Executive Summary

This vulnerability occurs in Spring Cloud Gateway Server where it forwards the X-Forwarded-For and Forwarded headers from untrusted proxies under certain configuration scenarios. This behavior affects both the WebMVC and WebFlux Gateway Servers.

Impact Analysis

The vulnerability can allow an attacker to manipulate the X-Forwarded-For and Forwarded headers, potentially leading to incorrect identification of the client's IP address. This can impact security controls that rely on these headers for access control, logging, or rate limiting, possibly enabling unauthorized access or evasion of security measures.

Compliance Impact

The provided information does not specify how the vulnerability in Spring Cloud Gateway Server affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47825. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart