Threats Tagged 'cve-2025-66342'
View all threats tagged with 'cve-2025-66342'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2025-66342'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2025-66342: CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') in Canva AffinityCVE-2025-66342 0 CVE-2025-66342 is a high-severity type confusion vulnerability in the EMF processing functionality of Canva Affinity version 3.0.1.3808. An attacker can craft a malicious EMF file that, when opened or processed by the vulnerable software, triggers memory corruption leading to arbitrary code execution. Exploitation requires local access and user interaction, but no privileges are needed. The vulnerability impacts confidentiality, integrity, and availability due to potential full system compromise. No known exploits are currently in the wild, and no patches have been released yet. Organizations using Canva Affinity for graphic design should be cautious when handling EMF files from untrusted sources. Mitigation involves restricting EMF file handling, applying vendor patches once available, and employing endpoint protection with behavior monitoring. Join the discussion | CVE Database V5 | 03/17/2026, 18:52:52 UTC Added: 03/17/2026, 19:43:28 UTC |
Showing 1 to 1 of 1 result