CVE-2025-64301

Summary

An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds write, potentially leading to code execution.

Affected Software

VendorProductVersion RangeStatus
CanvaAffinity3.0.1.3808affected

Weaknesses

  • CWE-787: CWE-787: Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References