Description
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Published: 2026-03-17
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Immediate Patch
AI Analysis

Impact

An out-of-bounds read vulnerability exists in the EMF handling of Canva Affinity. The flaw allows an attacker to supply a specially crafted EMF file that forces the application to read beyond intended memory bounds, potentially exposing sensitive data from the victim’s memory. The vulnerability is identified as CWE-125 Evidence of a classic buffer-read-to-out-of-bounds exploit that could, without further privileges, leak confidential information. This information disclosure does not provide direct code execution or privilege escalation but can still be leveraged to harvest data from the victim’s session.

Affected Systems

The affected product is Canva Affinity, available on Windows platforms. The vulnerability applies to any installation of this application that processes EMF files, regardless of version, as no specific version constraints are stated in the CNA data.

Risk and Exploitability

The CVSS v3 score of 6.1 indicates a moderate severity. The EPSS probability is below 1%, suggesting that widespread exploitation is unlikely. The issue is not listed in the CISA KEV catalog, further indicating a low exploitation rate. The attack vector is inferred to be user-mediated via a malicious EMF file; an attacker would need to deliver or lure the user to open a crafted file in the application. Once opened, the read vulnerability can reveal memory contents but does not grant code execution or elevate privileges, limiting the overall impact to data leakage.

Generated by OpenCVE AI on March 19, 2026 at 13:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Canva Affinity patch or upgrade to the newest version when available.
  • Avoid opening EMF files from untrusted sources or unexpected emails.
  • Verify that emergency patches are installed via the official Canva update mechanism.

Generated by OpenCVE AI on March 19, 2026 at 13:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 19 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 17 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 17 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Canva
Canva affinity
CPEs cpe:2.3:a:canva:affinity:-:*:*:*:*:windows:*:*
Vendors & Products Canva
Canva affinity

Tue, 17 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L'}

Subscriptions

Canva Affinity
cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2026-03-18T17:00:17.155Z

Reserved: 2025-12-05T16:35:39.478Z

Link: CVE-2025-66633

cve-icon Vulnrichment

Updated: 2026-03-17T20:11:37.431Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-17T19:16:00.270

Modified: 2026-03-19T12:12:28.770

Link: CVE-2025-66633

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:54:55Z

Weaknesses