CVE-2025-66342
EUVD-2025-20880317.03.2026, 19:15
A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution.
Awaiting analysis
This vulnerability is currently awaiting analysis.