Skip to main content

Affinity CVE-2025-66503

| EUVDEUVD-2025-208804 MEDIUM
Out-of-bounds Read (CWE-125)
2026-03-17 talos
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 17, 2026 - 20:30 euvd
EUVD-2025-208804
Analysis Generated
Mar 17, 2026 - 20:30 vuln.today
CVE Published
Mar 17, 2026 - 18:52 nvd
MEDIUM 6.1

DescriptionCVE.org

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

AnalysisAI

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity, allowing attackers to read memory beyond allocated buffer boundaries by crafting malicious EMF files. Affinity version 3.0.1.3808 and potentially earlier versions are affected. An attacker with local access can exploit this vulnerability through user interaction (opening a crafted EMF file) to disclose sensitive information from process memory, with potential for denial of service through application crashes.

Technical ContextAI

The vulnerability resides in the Enhanced Metafile (EMF) handling subsystem of Canva Affinity (cpe:2.3:a:canva:affinity:*:*:*:*:*:*:*:*). EMF is a vector graphics file format commonly used in Windows environments. The root cause is classified as CWE-125 (Out-of-bounds Read), indicating that the EMF parser fails to properly validate buffer boundaries before reading data structures embedded in EMF file headers or records. This allows an attacker-controlled EMF file to cause the application to read memory locations outside the intended buffer, exposing adjacent heap or stack data. The vulnerability was identified and reported by Cisco Talos Intelligence, suggesting it was discovered through fuzzing or directed security analysis of the EMF parsing code path.

RemediationAI

Upgrade Canva Affinity to the latest version released after 3.0.1.3808, as confirmed through Canva's official security advisory at https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62. Until patching is feasible, implement user awareness training to avoid opening EMF files from untrusted sources, disable automatic EMF file preview features if available, and consider restricting file type associations for EMF files at the system level. Additionally, monitor Affinity process execution for unexpected memory access patterns or crashes, which may indicate exploit attempts. For enterprise deployments, enforce application execution policies to restrict Affinity to known-good versions and apply defense-in-depth measures such as sandboxing design applications or running them in isolated user accounts with minimal data access.

CVE-2025-66342 HIGH
7.8 Mar 17

A type confusion vulnerability in the EMF (Enhanced Metafile) functionality of Canva Affinity allows attackers to achiev

CVE-2025-64301 HIGH
7.8 Mar 17

An out-of-bounds write vulnerability in Canva Affinity's EMF file processing allows attackers to achieve code execution

CVE-2025-62500 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, al

CVE-2025-61979 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file handling functionality of Canva Affinity,

CVE-2025-64733 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, allow

CVE-2025-66000 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-64776 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling that allows attacke

CVE-2025-64735 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, af

CVE-2025-66633 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-58427 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affec

CVE-2025-66617 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affec

CVE-2025-47873 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling functionality, affe

Share

CVE-2025-66503 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy