Description
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Published: 2026-03-17
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure (Out-of-Bounds Read)
Action: Patch Today
AI Analysis

Impact

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger the vulnerability, allowing an attacker to read beyond the bounds of a buffer and potentially disclose sensitive information. The weakness is classified as CWE-125 (Out-of-bounds Read). The impact is limited to information disclosure rather than code execution or denial of service.

Affected Systems

The affected product is Canva Affinity on Windows platforms. According to the advisory, all versions of this application that run on Windows are impacted; no specific version range is provided. The CPE string cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:* indicates the vulnerability applies to Windows installations of the product. Users should consult the vendor for detailed version support.

Risk and Exploitability

The CVSS score for this issue is 6.1, placing it in the medium severity category. The EPSS score is reported as less than 1%, suggesting a low probability of current exploitation. The vulnerability is not listed in CISA's KEV catalog. The CVSS vector (AV:L, UI:R) describes a local attack that requires user interaction: the victim must open a malicious EMF file crafted by an attacker. If the file is opened on an affected system, the out-of-bounds read can leak memory contents, but no known escalation to code execution or persistence is documented.

Generated by OpenCVE AI on March 19, 2026 at 13:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Canva Affinity for available updates or patches
  • Apply any vendor-issued patch promptly when released
  • Avoid opening EMF files from untrusted sources until a fix is issued


Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Read in Canva Affinity EMF Processing

Thu, 19 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*

Tue, 17 Mar 2026 21:30:00 +0000


Tue, 17 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Canva
Canva affinity
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*
Vendors & Products Canva
Canva affinity
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 17 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L'}


MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2026-03-18T17:00:23.907Z

Reserved: 2025-12-10T16:22:18.287Z

Link: CVE-2025-65119

Vulnrichment

Updated: 2026-03-17T20:11:31.196Z

NVD

Status: Analyzed

Published: 2026-03-17T19:15:59.250

Modified: 2026-03-19T12:08:28.970

Link: CVE-2025-65119

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-24T10:55:02Z

Weaknesses