CVE-2026-47825
Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies in certain situations
| CVSS Score | 8.6 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers. Affected versions: Spring Cloud Gateway 3.1.x (fix 3.1.13). Spring Cloud Gateway 4.1.x (fix 4.1.13). Spring Cloud Gateway 4.2.x (fix 4.2.9). Spring Cloud Gateway 4.3.x (fix 4.3.5). Spring Cloud Gateway 5.0.x (fix 5.0.2).
| CWE | CWE-346 |
| Vendor | spring |
| Product | spring cloud gateway |
| Ecosystems | |
| Industries | Technology, Enterprise |
| Published | Jun 15, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Changed |
| Confidentiality | None |
| Integrity | High |
| Availability | None |
Affected Versions
Spring / Spring Cloud Gateway
| 3.1.0 < 3.1.13 |
| 4.1.0 < 4.1.13 |
| 4.2.0 < 4.2.9 |
| 4.3.0 < 4.3.5 |
| 5.0.0 < 5.0.2 |