diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/IpAddressMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/IpAddressMatcher.java
index d4ce76d50a..788d107b76 100644
--- a/web/src/main/java/org/springframework/security/web/util/matcher/IpAddressMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/IpAddressMatcher.java
@@ -50,6 +50,7 @@ public final class IpAddressMatcher implements RequestMatcher {
 	 * come.
 	 */
 	public IpAddressMatcher(String ipAddress) {
+		Assert.hasText(ipAddress, "ipAddress cannot be empty");
 		assertNotHostName(ipAddress);
 		if (ipAddress.indexOf('/') > 0) {
 			String[] addressAndMask = StringUtils.split(ipAddress, "/");
diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/IpAddressMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/IpAddressMatcherTests.java
index 9329eed69a..ce702bfbeb 100644
--- a/web/src/test/java/org/springframework/security/web/util/matcher/IpAddressMatcherTests.java
+++ b/web/src/test/java/org/springframework/security/web/util/matcher/IpAddressMatcherTests.java
@@ -139,4 +139,18 @@ public class IpAddressMatcherTests {
 		assertThat(this.v4matcher.matches((String) null)).isFalse();
 	}
 
+	// gh-15527
+	@Test
+	public void constructorWhenRequiredAddressIsNullThenThrowsIllegalArgumentException() {
+		assertThatIllegalArgumentException().isThrownBy(() -> new IpAddressMatcher(null))
+			.withMessage("ipAddress cannot be empty");
+	}
+
+	// gh-15527
+	@Test
+	public void constructorWhenRequiredAddressIsEmptyThenThrowsIllegalArgumentException() {
+		assertThatIllegalArgumentException().isThrownBy(() -> new IpAddressMatcher(""))
+			.withMessage("ipAddress cannot be empty");
+	}
+
 }