Canva Affinity Out-of-Bounds Read Vulnerability in EMF Functionality
Vulnerability
An out-of-bounds read vulnerability has been identified in the EMF processing of Canva Affinity version 3.0.1.3808. A specially crafted EMF file can trigger it, potentially disclosing sensitive information through the way intercharacter spacing data is accessed.
Impact
Exploitation of this vulnerability allows arbitrary memory to be read within the process, which could result in the unintentional exposure of sensitive information.
Reproduction
The vulnerability can be reproduced by opening a crafted EMF file in Canva Affinity. The file contains an EMR_EXTTEXTOUTW record whose offDx value exceeds the record size, which causes an out-of-bounds read when the intercharacter spacing array is accessed.
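The bounds check this record needs before the spacing array is touched, as an added example (not Affinity's code and not part of the original advisory). Field offsets follow the public EMREXTTEXTOUTW layout; the function names, the constructed sample record, and the policy of rejecting an offDx that points into the fixed header are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

#define EMR_EXTTEXTOUTW 84u     /* record type */
#define ETO_PDY         0x2000u /* spacing array holds dx,dy pairs */
#define FIXED_LEN       76u     /* fixed part: header through offDx */

/* Little-endian 32-bit accessors with no alignment assumptions. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Returns 1 only if the spacing array [offDx, offDx + 4*count) lies inside
 * the record, and the record inside the `avail` bytes actually read. */
int exttextout_dx_in_bounds(const uint8_t *rec, size_t avail) {
    if (avail < FIXED_LEN || rd32(rec) != EMR_EXTTEXTOUTW) return 0;
    uint32_t size = rd32(rec + 4);
    if (size < FIXED_LEN || size > avail || (size & 3u)) return 0;
    uint32_t nchars = rd32(rec + 44), opts = rd32(rec + 52);
    uint32_t offdx = rd32(rec + 72);
    /* Example policy (assumption): the array may not overlap the fixed part. */
    if (offdx < FIXED_LEN || offdx > size) return 0;
    /* 64-bit arithmetic so a huge nChars cannot wrap the byte count. */
    uint64_t bytes = (uint64_t)nchars * ((opts & ETO_PDY) ? 8u : 4u);
    return bytes <= (uint64_t)(size - offdx);
}

/* Builds a constructed, otherwise zeroed record and runs the check on it. */
int check_sample(uint32_t size, uint32_t nchars, uint32_t opts, uint32_t offdx) {
    uint8_t rec[128] = {0};
    wr32(rec, EMR_EXTTEXTOUTW);
    wr32(rec + 4, size);
    wr32(rec + 44, nchars);
    wr32(rec + 52, opts);
    wr32(rec + 72, offdx);
    return exttextout_dx_in_bounds(rec, sizeof rec);
}
```

The same check works as a pre-scan rule for EMF files arriving from untrusted sources: any EMR_EXTTEXTOUTW record that fails it matches the malformed shape described above.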
Remediation
Users are advised to upgrade to the latest version of Canva Affinity available from the Affinity website.
