CVE-2025-64735 – An out-of-bounds read vulnerability in Canva Af... (How to Fix)

Q: What is the severity of CVE-2025-64735?

CVE-2025-64735 has a CVSS score of 6.1 (MEDIUM). An out-of-bounds read vulnerability in Canva Affinity's EMF file processing allows attackers to read memory beyond allocated buffers via specially crafted EMF files. This could lead to sensitive information disclosure. Users of Canva Affinity software are affected.

📋 TL;DR

An out-of-bounds read vulnerability in Canva Affinity's EMF file processing allows attackers to read memory beyond allocated buffers via specially crafted EMF files. This could lead to sensitive information disclosure. Users of Canva Affinity software are affected.

💻 Affected Systems

Products:

Canva Affinity

Versions: Specific versions not specified in provided references

Operating Systems: Windows, macOS, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in EMF file processing functionality; any configuration that processes EMF files is vulnerable.

📦 What is this software?

Affinity by Canva

View all CVEs affecting Affinity →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory disclosure could reveal sensitive data like passwords, encryption keys, or proprietary information from the application's memory space.

🟠

Likely Case

Limited information disclosure from application memory, potentially revealing some system or application data.

🟢

If Mitigated

No impact if proper security controls prevent malicious file execution or memory access is restricted.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires user interaction to open malicious EMF file; no authentication needed for file processing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Canva Affinity updates for specific version

Vendor Advisory: https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62

Restart Required: Yes

Instructions:

1. Open Canva Affinity application
2. Navigate to Help menu
3. Select Check for Updates
4. Install available updates
5. Restart application

🔧 Temporary Workarounds

Disable EMF file processing

all

Prevent Canva Affinity from processing EMF files by blocking file associations

User education

all

Train users not to open EMF files from untrusted sources

🧯 If You Can't Patch

Restrict Canva Affinity to trusted users only
Implement application whitelisting to prevent unauthorized execution

🔍 How to Verify

Check if Vulnerable:

Check Canva Affinity version against vendor advisory; if using unpatched version, assume vulnerable

Check Version:

Open Canva Affinity → Help → About (version displayed)

Verify Fix Applied:

Verify Canva Affinity version is updated to patched version specified in vendor advisory

📡 Detection & Monitoring

Log Indicators:

Application crashes when processing EMF files
Unusual memory access patterns in application logs

Network Indicators:

Downloads of EMF files from untrusted sources

SIEM Query:

source="Canva Affinity" AND (event="crash" OR event="memory_error")

📊 Metadata

CVE ID: CVE-2025-64735

CVSS v3 Score: 6.1 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

CWE: CWE-125

Published: March 17, 2026

Last Updated: March 19, 2026

🔗 References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2312 Exploit,Third Party Advisory
https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62 Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2312 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-64735, you might also want to check these: