CVE-2025-61952 – An out-of-bounds read vulnerability in Canva Af... (How to Fix)

Q: What is the severity of CVE-2025-61952?

CVE-2025-61952 has a CVSS score of 6.1 (MEDIUM). An out-of-bounds read vulnerability in Canva Affinity's EMF file processing allows attackers to read memory beyond allocated buffers via specially crafted EMF files. This could lead to sensitive information disclosure. Users of Canva Affinity software are affected.

📋 TL;DR

An out-of-bounds read vulnerability in Canva Affinity's EMF file processing allows attackers to read memory beyond allocated buffers via specially crafted EMF files. This could lead to sensitive information disclosure. Users of Canva Affinity software are affected.

💻 Affected Systems

Products:

Canva Affinity

Versions: Specific versions not detailed in provided references; check vendor advisory for exact affected versions.

Operating Systems: Windows, macOS, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in EMF file processing functionality; any configuration using this feature is vulnerable.

📦 What is this software?

Affinity by Canva

View all CVEs affecting Affinity →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory disclosure could reveal sensitive data like credentials, encryption keys, or other application data in memory, potentially enabling further attacks.

🟠

Likely Case

Information disclosure of random memory contents, which could include fragments of sensitive data or application state.

🟢

If Mitigated

Limited impact with proper sandboxing and memory protections, though some information leakage may still occur.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction to open a malicious EMF file; no authentication needed for the file processing itself.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched version.

Vendor Advisory: https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62

Restart Required: Yes

Instructions:

1. Visit the Canva Trust Center advisory.
2. Download and install the latest version of Canva Affinity.
3. Restart the application after installation.

🔧 Temporary Workarounds

Disable EMF file processing

all

Prevent the application from processing EMF files to block exploitation vectors.

User education on file handling

all

Train users to avoid opening EMF files from untrusted sources.

🧯 If You Can't Patch

Implement application whitelisting to block execution of vulnerable versions.
Use network segmentation to limit access to affected systems.

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Canva Affinity against the vendor's patched version list.

Check Version:

Check within the application's 'About' or 'Help' menu for version information.

Verify Fix Applied:

Confirm the installed version matches or exceeds the patched version specified by the vendor.

📡 Detection & Monitoring

Log Indicators:

Application crashes or unexpected behavior when processing EMF files.
Unusual memory access patterns in application logs.

Network Indicators:

Downloads of EMF files from untrusted sources to affected systems.

SIEM Query:

Search for file extensions '.emf' being opened or processed by Canva Affinity executable.

📊 Metadata

CVE ID: CVE-2025-61952

CVSS v3 Score: 6.1 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

CWE: CWE-125

Published: March 17, 2026

Last Updated: March 19, 2026

🔗 References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2317 Exploit,Third Party Advisory
https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62 Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2317 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-61952, you might also want to check these: