CVE-2025-61952

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2317	Exploit Third Party Advisory
https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62	Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2317	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*

History

No history.

Information

Published : 2026-03-17 19:15

Updated : 2026-03-19 12:22

NVD link : CVE-2025-61952

Mitre link : CVE-2025-61952

CVE.ORG link : CVE-2025-61952

JSON object : View

Products Affected

canva

affinity

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2025-61952", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2026-03-17T19:15:57.927", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2317", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62", "tags": ["Vendor Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2317", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."}, {"lang": "es", "value": "Una vulnerabilidad de lectura fuera de l\u00edmites existe en la funcionalidad EMF de Canva Affinity. Al usar un archivo EMF especialmente dise\u00f1ado, un atacante podr\u00eda explotar esta vulnerabilidad para realizar una lectura fuera de l\u00edmites, lo que podr\u00eda llevar a la divulgaci\u00f3n de informaci\u00f3n sensible."}], "lastModified": "2026-03-19T12:22:55.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "4C0FE26D-7256-455B-86B0-D69621C80C02", "versionEndExcluding": "3.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}