Canva is an online digital design and publishing platform that enables individuals, teams, and enterprises to create visual content collaboratively. It supports the creation of a wide range of content, including social media posts, presentations, videos, posters, logos, and websites. With over 220 million monthly active users worldwide, trust, privacy, and security are central to how we operate. Learn more about Canva here - https://www.canva.com/about/.
This Trust & Security Portal provides visibility into Canva’s security posture, privacy practices, compliance commitments, and reliability controls. You can also request access to our security documentation and audit reports through the portal.
Various vulnerabilities in the EMF functionality of Affinity
Security Bulletin
Published Date: 17 March 2026
Vulnerabilities
CVE-2025-66342
- Description: A type confusion vulnerability exists in the EMF functionality of Affinity. A specially crafted EMF file can trigger this vulnerability, leading to memory corruption.
- Severity: High
- CVSS: 7.8 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-64301
- Description: An out-of-bounds write vulnerability exists in the EMF functionality of Affinity. By using a specially crafted EMF file, a threat actor could exploit this vulnerability to perform an out-of-bounds write, leading to memory corruption.
- Severity: High
- CVSS: 7.8 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-62500
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-61979
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-64733
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-66000
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-64776
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-64735
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-66633
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-58427
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-66617
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-47873
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-61952
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-66503
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-66042
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-65119
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2025-62403
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2026-20726
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
CVE-2026-22882
- Description: An out-of-bounds read vulnerability exists in the EMF functionality of Affinity.
- Severity: Medium
- CVSS: 4.4 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
- Affected Products and Versions: Affinity Desktop for Windows before 3.1.0 (March 26)
Remediation Advice
Canva recommends that users upgrade to the latest version of Affinity available from https://www.affinity.studio/get-affinity
Timeline
| Date | Event |
|---|---|
| 22 January 2026 | Submission without vulnerability details made to Canva's Bug Bounty Program by Cisco Talos. |
| 22 January 2026 | Submission closed by Bug Bounty Program triage for not containing any vulnerability details. |
| 27 January 2026 | Canva emails Cisco Talos to ask for disclosure of vulnerability details. |
| 28 January 2026 | Cisco Talos provides vulnerability details to Canva, and Canva confirms vulnerabilities are being assessed. |
| 16 March 2026 | Fix released by Canva. |
Acknowledgements
These vulnerabilities were reported to Canva by KPC of Cisco Talos.
CVE-2025-12792
Security Bulletin
Published Date: 13 November 2025
CVE: CVE-2025-12792
Severity: Low
CVSS: 3.2 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
Affected Products and Versions: The Canva for Mac desktop app before version 1.117.1, released through the Mac App Store. The Canva for Mac desktop app distributed through canva.com is not affected.
Details
The Mac App Store distribution of the Canva for Mac desktop app was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC (Transparency, Consent, and Control) permissions assigned to Canva.
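A check for the condition described above, added here as an example and not Canva's own tooling: it reads the flags word from `codesign -d --verbose=4` output and tests the Hardened Runtime bit (`0x10000`). The sample outputs and the `com.example.app` identifier are constructed, and `runtime_state` and `check_bundle` are hypothetical helper names.

```bash
#!/usr/bin/env bash
# Added example: report whether a macOS app bundle is signed with Hardened Runtime.

CS_RUNTIME=0x10000   # Hardened Runtime bit in the code-signature flags word

# runtime_state TEXT -> prints "hardened", "not-hardened" or "unknown".
# TEXT is the output of: codesign -d --verbose=4 <bundle> 2>&1
runtime_state() {
  flags=$(printf '%s\n' "$1" |
    sed -n 's/^CodeDirectory .*flags=\(0x[0-9A-Fa-f]*\).*/\1/p' | head -n 1)
  if [ -z "$flags" ]; then
    echo unknown            # unsigned bundle or unexpected output
  elif [ $(( $flags & $CS_RUNTIME )) -ne 0 ]; then
    echo hardened
  else
    echo not-hardened
  fi
}

# Constructed sample outputs (paths, identifiers and sizes are made up).
SAMPLE_HARDENED='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded'
SAMPLE_PLAIN='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
CodeDirectory v=20400 size=1234 flags=0x0(none) hashes=30+7 location=embedded'

# check_bundle PATH: query a real bundle with codesign (macOS only).
check_bundle() {
  out=$(codesign -d --verbose=4 "$1" 2>&1) || true
  printf '%s: %s\n' "$1" "$(runtime_state "$out")"
}

if [ "$#" -gt 0 ] && command -v codesign >/dev/null 2>&1; then
  for app in "$@"; do check_bundle "$app"; done
else
  # No bundle given (or not on macOS): show the verdict for the samples.
  echo "sample (runtime flag set):   $(runtime_state "$SAMPLE_HARDENED")"
  echo "sample (runtime flag clear): $(runtime_state "$SAMPLE_PLAIN")"
fi
```

On macOS, pass one or more bundle paths as arguments to check installed apps; a result of `not-hardened` or `unknown` marks a bundle worth reviewing.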
Remediation Advice
Canva recommends users upgrade to the latest version of the Canva application via the Mac App Store.
Acknowledgements
This vulnerability was submitted to Canva's Bug Bounty Program by p1tsi.





