CVE-2026-47825
HighCVSS 8.6Exploitation Probability (EPSS)
Low risk4th percentile - higher than 4% of all known CVEs
Summary
Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers.
Risk Assessment
Forwarding these headers from untrusted sources may lead to false user identification and potential spoofing attacks.
Recommendation
It is recommended to upgrade to the fixed versions: 3.1.13, 4.1.13, 4.2.9, 4.3.5, or 5.0.2.
Original NVD description (English source)
Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers. Affected versions: Spring Cloud Gateway 3.1.x (fix 3.1.13). Spring Cloud Gateway 4.1.x (fix 4.1.13). Spring Cloud Gateway 4.2.x (fix 4.2.9). Spring Cloud Gateway 4.3.x (fix 4.3.5). Spring Cloud Gateway 5.0.x (fix 5.0.2).

