Skip to main content

Affinity CVE-2025-61952

| EUVDEUVD-2025-208787 MEDIUM
Out-of-bounds Read (CWE-125)
2026-03-17 talos
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 17, 2026 - 20:30 euvd
EUVD-2025-208787
Analysis Generated
Mar 17, 2026 - 20:30 vuln.today
CVE Published
Mar 17, 2026 - 18:52 nvd
MEDIUM 6.1

DescriptionCVE.org

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

AnalysisAI

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality that allows attackers to read memory beyond allocated buffer boundaries. Canva Affinity version 3.0.1.3808 and potentially earlier versions are affected. An attacker can craft a malicious EMF file that, when opened by a user, triggers the out-of-bounds read to disclose sensitive information from process memory; the vulnerability requires user interaction (opening the file) but no elevated privileges, making it a practical attack vector for phishing or drive-by downloads.

Technical ContextAI

The vulnerability resides in Canva Affinity's EMF (Enhanced Metafile) file parser, a vector graphics format commonly used in Windows environments. The root cause is classified under CWE-125 (Out-of-bounds Read), which occurs when the parser fails to properly validate EMF record lengths or structure boundaries before reading data into a fixed-size buffer. The affected product is identified by CPE cpe:2.3:a:canva:affinity:*:*:*:*:*:*:*:*. EMF parsing is a complex operation involving interpretation of drawing commands, and improper bounds checking on record fields or resource tables can lead to reading beyond the intended buffer, exposing adjacent memory regions containing sensitive data such as encryption keys, authentication tokens, or other process secrets.

RemediationAI

Users should upgrade Canva Affinity to the patched version as specified in the official Canva security advisory (https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62). Check the Canva support portal or release notes for the exact patched version number. Until a patch is deployed, implement the following workarounds: disable automatic opening of EMF files from untrusted sources, configure email clients to block or sandbox EMF attachments, and educate users not to open EMF files from unknown or suspicious senders. For enterprise environments, consider implementing application whitelisting or sandboxed preview tools for potentially malicious document formats. Monitor Talos Intelligence (https://talosintelligence.com/vulnerability_reports/TALOS-2025-2317) and the NIST National Vulnerability Database (https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2317) for updated guidance.

CVE-2025-66342 HIGH
7.8 Mar 17

A type confusion vulnerability in the EMF (Enhanced Metafile) functionality of Canva Affinity allows attackers to achiev

CVE-2025-64301 HIGH
7.8 Mar 17

An out-of-bounds write vulnerability in Canva Affinity's EMF file processing allows attackers to achieve code execution

CVE-2025-62500 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, al

CVE-2025-61979 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file handling functionality of Canva Affinity,

CVE-2025-64733 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, allow

CVE-2025-66000 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-64776 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling that allows attacke

CVE-2025-64735 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, af

CVE-2025-66633 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-58427 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affec

CVE-2025-66617 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affec

CVE-2025-47873 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling functionality, affe

Share

CVE-2025-61952 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy