Skip to main content

Affinity EUVDEUVD-2025-208805

| CVE-2025-66617 MEDIUM
Out-of-bounds Read (CWE-125)
2026-03-17 talos
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 17, 2026 - 20:30 euvd
EUVD-2025-208805
Analysis Generated
Mar 17, 2026 - 20:30 vuln.today
CVE Published
Mar 17, 2026 - 18:52 nvd
MEDIUM 6.1

DescriptionCVE.org

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

AnalysisAI

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affecting Affinity version 3.0.1.3808 and potentially earlier versions. An attacker can craft a malicious EMF file that, when opened by a user in Affinity, triggers an out-of-bounds memory read, potentially disclosing sensitive information from the application's memory space. With a CVSS score of 6.1 and a local attack vector requiring user interaction, this vulnerability poses a moderate risk primarily through information disclosure, though local denial of service is also possible.

Technical ContextAI

The vulnerability resides in the EMF (Enhanced Metafile) file parsing code within Canva Affinity (CPE: cpe:2.3:a:canva:affinity:*:*:*:*:*:*:*:*), a professional design and publishing application. EMF is a Windows vector graphics format that stores drawing instructions; improper bounds checking during EMF record parsing fails to validate memory access offsets, resulting in CWE-125 (Out-of-bounds Read). When Affinity processes a specially crafted EMF file with malformed record headers or invalid offset values, the parser reads memory beyond allocated buffer boundaries. This class of vulnerability typically occurs in legacy or complex file format handlers where size validation is incomplete, and EMF files with nested structures and variable-length records present particular parsing challenges.

RemediationAI

Immediately upgrade Canva Affinity to the patched version released by the vendor; consult the official Canva security advisory at https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62 for the specific fixed version number and download instructions. Until patching is possible, implement compensating controls by restricting users' ability to open EMF files from untrusted sources, disabling EMF import in Affinity if that feature is optional, and educating users not to open EMF files from unknown or suspicious origins. Organizations handling sensitive data should monitor their Affinity installations for any unexpected behavior or memory dumps that might indicate exploitation. Additionally, review access logs to identify whether any users have opened potentially malicious EMF files.

CVE-2025-66342 HIGH
7.8 Mar 17

A type confusion vulnerability in the EMF (Enhanced Metafile) functionality of Canva Affinity allows attackers to achiev

CVE-2025-64301 HIGH
7.8 Mar 17

An out-of-bounds write vulnerability in Canva Affinity's EMF file processing allows attackers to achieve code execution

CVE-2025-62500 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, al

CVE-2025-61979 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file handling functionality of Canva Affinity,

CVE-2025-64733 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, allow

CVE-2025-66000 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-64776 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling that allows attacke

CVE-2025-64735 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file processing functionality, af

CVE-2025-66633 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) file parsing functionality of Canva Affinity,

CVE-2025-58427 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality, affec

CVE-2025-47873 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file handling functionality, affe

CVE-2025-61952 MEDIUM
6.1 Mar 17

An out-of-bounds read vulnerability exists in Canva Affinity's EMF (Enhanced Metafile) file parsing functionality that a

Share

EUVD-2025-208805 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy