Description
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Published: 2026-03-17
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Assess Impact
AI Analysis

Impact

An out‑of‑bounds read vulnerability (CWE‑125) exists in the EMF functionality of Canva Affinity. Exploiting the vulnerability by opening a specially crafted EMF file can cause the application to read memory beyond the intended bounds, potentially revealing sensitive information to the attacker. The CVE description states the primary impact is disclosure of sensitive data.

Affected Systems

Canva Affinity running on Windows is affected, as identified by the CPE cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*. No specific affected version numbers are listed in the CVE data, so administrators should verify whether their installed version is on the affected release line using vendor documentation.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate risk, while the EPSS score of less than 1% suggests a low probability of exploitation in the near term. The vulnerability is not listed in CISA's KEV catalog. It is triggered by opening a malicious EMF file, so the likely attack vector is a file‑based local or remote delivery. Exploitation requires the victim to run Canva Affinity and open the crafted file, making it mitigable by restricting file opening from untrusted sources and applying any available patch.

Generated by OpenCVE AI on March 19, 2026 at 13:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Canva Affinity website or support portal for security updates or patches that address the EMF vulnerability.
  • Apply any released update that fixes the out‑of‑bounds read issue.
  • Avoid opening untrusted or suspicious EMF files until a patch is applied.

Generated by OpenCVE AI on March 19, 2026 at 13:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Canva Affinity Out‑of‑Bounds Read in EMF Functionality

Thu, 19 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 17 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 17 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Canva
Canva affinity
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*
Vendors & Products Canva
Canva affinity

Tue, 17 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L'}

Subscriptions

Canva Affinity
cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2026-03-18T17:00:19.140Z

Reserved: 2025-12-10T12:56:27.297Z

Link: CVE-2025-66617

cve-icon Vulnrichment

Updated: 2026-03-17T20:11:36.443Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-17T19:16:00.097

Modified: 2026-03-19T12:11:35.373

Link: CVE-2025-66617

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:54:57Z

Weaknesses