汇总 canva 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出与内存损坏 等问题,部分漏洞可能导致 应用崩溃,并影响 软件部署与生产负载 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-22882 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2026-20726 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66633 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66617 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66503 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66342 | A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. | [email protected] | 7.8 | 0.28% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66042 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-66000 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-65119 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-64776 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.28% | 2026-03-17 | 2026-06-17 |
| CVE-2025-64735 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-64733 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-64301 | An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds write, potentially leading to code execution. | [email protected] | 7.8 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-62500 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-62403 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-61979 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-61952 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-58427 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-47873 | An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | [email protected] | 6.1 | 0.27% | 2026-03-17 | 2026-06-17 |
| CVE-2025-12792 | The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC (Transparency, Consent, and Control) permissions assigned to Canva. | 4ac701fe-44e9-4bcd-9585-dd6449257611 | 3.2 | 0.10% | 2025-11-17 | 2026-06-17 |