Cyber Resilience

CVE-2025-66342

HighPublic PoC

Published: 17 March 2026

Published
17 March 2026
Modified
19 March 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0001 2.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-66342 is a high-severity Type Confusion (CWE-843) vulnerability in Canva Affinity. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 2.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-66342 is a type confusion vulnerability (CWE-843) in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this issue, leading to memory corruption and potential arbitrary code execution. The vulnerability was published on 2026-03-17 and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

Exploitation requires local access with low complexity and no privileges, but depends on user interaction, such as opening a malicious EMF file in Canva Affinity. A successful attack can achieve high impacts across confidentiality, integrity, and availability, enabling arbitrary code execution on the targeted system.

Mitigation details are available in advisories from Talos Intelligence (TALOS-2025-2297 at https://talosintelligence.com/vulnerability_reports/TALOS-2025-2297 and https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2297) and Canva's trust center (https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62).

EU & UK References

Vulnerability details

A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Directly triggered by user opening a malicious EMF file, enabling arbitrary code execution via memory corruption.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-66633Same product: Canva Affinity
CVE-2025-66503Same product: Canva Affinity
CVE-2026-20726Same product: Canva Affinity
CVE-2025-64776Same product: Canva Affinity
CVE-2025-64735Same product: Canva Affinity
CVE-2025-61979Same product: Canva Affinity
CVE-2025-65119Same product: Canva Affinity
CVE-2025-62403Same product: Canva Affinity
CVE-2025-58427Same product: Canva Affinity
CVE-2025-64733Same product: Canva Affinity

Affected Assets

canva
affinity
≤ 3.1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly mitigates this CVE by applying vendor patches to fix the type confusion vulnerability in Canva Affinity's EMF parsing.

prevent

Memory protection mechanisms such as ASLR and DEP prevent arbitrary code execution from memory corruption triggered by the type confusion in EMF files.

prevent

Information input validation ensures proper checking of EMF file structures to avoid type confusion during parsing.

References