CVE-2025-66000 is a medium-severity vulnerability classified as CWE-125 (Out-of-bounds Read) affecting the EMF (Enhanced Metafile) functionality in Canva Affinity version 3.0.1.3808. The vulnerability arises when the application processes a specially crafted EMF file, causing it to read memory outside the intended buffer boundaries. This out-of-bounds read can result in the disclosure of sensitive information from the application's memory space, potentially exposing confidential data to an attacker. The vulnerability requires the victim to open or interact with a malicious EMF file, making user interaction necessary for exploitation. The attack vector is local, meaning the attacker must have access to deliver the malicious file to the user, but no privileges or authentication are required. The CVSS 3.1 base score is 6.1, reflecting a medium severity level with high confidentiality impact, no integrity impact, and low availability impact. No known exploits have been reported in the wild to date. The vulnerability does not allow remote code execution or privilege escalation but can be leveraged for information disclosure attacks, which may aid further exploitation or reconnaissance. Canva Affinity is a graphic design tool widely used by creative professionals, and the EMF format is a common vector for vector graphics and image files, increasing the likelihood of encountering malicious files in shared environments. The lack of an official patch at the time of reporting necessitates immediate mitigation strategies to reduce risk.

The primary impact of CVE-2025-66000 is the potential disclosure of sensitive information from the memory of systems running Canva Affinity 3.0.1.3808 when processing malicious EMF files. This can lead to leakage of confidential data such as user credentials, proprietary design elements, or other sensitive in-memory information. While the vulnerability does not allow code execution or system compromise directly, the information disclosure could facilitate subsequent targeted attacks or social engineering. Organizations relying on Canva Affinity for design workflows may face data confidentiality risks, especially if untrusted EMF files are received via email, file sharing, or collaboration platforms. The requirement for user interaction limits large-scale automated exploitation but does not eliminate risk in environments with high file exchange volumes. The vulnerability could affect availability minimally, as out-of-bounds reads may cause application crashes or instability. Overall, the threat is moderate but significant for organizations handling sensitive design data or intellectual property.

1. Restrict the opening of EMF files from untrusted or unknown sources within Canva Affinity to reduce exposure to malicious files. 2. Implement strict file validation and scanning for EMF files using updated antivirus and endpoint protection solutions capable of detecting malformed EMF payloads. 3. Educate users about the risks of opening unsolicited or suspicious EMF files, emphasizing cautious handling of email attachments and downloads. 4. Monitor Canva Affinity vendor communications closely for official patches or updates addressing CVE-2025-66000 and apply them promptly once released. 5. Consider sandboxing or running Canva Affinity in isolated environments when processing EMF files from external sources to limit potential data exposure. 6. Employ network-level controls to block or flag EMF files in email gateways or file sharing platforms where feasible. 7. Conduct regular security assessments and memory analysis on systems running Canva Affinity to detect anomalous behavior indicative of exploitation attempts.