Description
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Published: 2026-03-17
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Apply Patch
AI Analysis

Impact

CVE-2025-64776 is an out-of-bounds read vulnerability in the EMF functionality of Canva Affinity. The vulnerability allows an attacker to read memory beyond the intended bounds, potentially exposing sensitive information. It represents a classic buffer overread weakness as defined by CWE-125.

Affected Systems

The affected product is Canva Affinity, as indicated by the vendor name and the CPE string cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*. No specific version information is provided in the CVE entry.

Risk and Exploitability

The CVSS score of 6.1 indicates a moderate severity, and the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker can exploit this weakness by supplying a specially crafted EMF file to the application, which will trigger an out-of-bounds read. The attack would require the victim to open or process the malicious EMF file, implying a local or file-wise attack vector.

Generated by OpenCVE AI on March 19, 2026 at 13:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Canva's website for official updates or patches
  • Apply the latest update to Canva Affinity when available
  • Restrict opening of EMF files from untrusted sources
  • Implement application whitelisting

Generated by OpenCVE AI on March 19, 2026 at 13:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Read in Canva Affinity EMF Parsing

Thu, 19 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 17 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 17 Mar 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Canva
Canva affinity
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*
Vendors & Products Canva
Canva affinity

Tue, 17 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L'}

Subscriptions

Canva Affinity
cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2026-03-18T17:00:15.191Z

Reserved: 2025-12-05T16:32:52.291Z

Link: CVE-2025-64776

cve-icon Vulnrichment

Updated: 2026-03-17T20:11:30.177Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-17T19:15:59.090

Modified: 2026-03-19T12:07:48.920

Link: CVE-2025-64776

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:54:53Z

Weaknesses