Description
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Published: 2026-03-17
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential Disclosure of Sensitive Information
Action: Patch
AI Analysis

Impact

An out‑of‑bounds read vulnerability exists within the Enhanced Metafile (EMF) handling of Canva Affinity. By supplying a specially crafted EMF file, an attacker can trigger an out‑of‑bounds read that may expose confidential information residing outside the intended memory buffer. This weakness corresponds to CWE‑125 and can compromise the confidentiality of data that the application processes.

Affected Systems

The vulnerability affects the Canva Affinity product running on Windows platforms. Specific version information is not supplied in the CNA data; therefore, all releases of Affinity are potentially impacted until a vendor‑issued update is released.

Risk and Exploitability

The CVSS v3 score of 6.1 indicates a moderate severity. EPSS score is below 1%, implying a low probability of exploitation at this time, and the vulnerability is not listed in CISA’s KEV catalog. The most probable attack vector would arise when a user opens a malicious EMF file—directly or via a document that references such a file—so the vulnerability is primarily triggered through user‑initiated file handling. Because the vulnerability concerns an out‑of‑bounds read, it does not enable arbitrary code execution, but it can still lead to the disclosure of sensitive application or system data.

Generated by OpenCVE AI on March 19, 2026 at 13:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and apply any available patches or updates from Canva.
  • Avoid opening unknown or untrusted EMF files until a patch is available.
  • If possible, disable EMF functionality or use alternative image formats.
  • Monitor Canva’s advisories and security bulletins for updates.

Generated by OpenCVE AI on March 19, 2026 at 13:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Read in Canva Affinity EMF Functionality Leading to Sensitive Data Disclosure

Thu, 19 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*

Tue, 17 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 17 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Canva
Canva affinity
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*
Vendors & Products Canva
Canva affinity
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 17 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L'}

Subscriptions

Canva Affinity
cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2026-03-18T17:00:10.924Z

Reserved: 2025-12-05T13:07:13.321Z

Link: CVE-2025-61979

cve-icon Vulnrichment

Updated: 2026-03-17T20:11:23.114Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-17T19:15:58.090

Modified: 2026-03-19T12:23:25.537

Link: CVE-2025-61979

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:54:50Z

Weaknesses