{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T04:50:19.986","vulnerabilities":[{"cve":{"id":"CVE-2025-64301","sourceIdentifier":"talos-cna@cisco.com","published":"2026-03-17T19:15:58.587","lastModified":"2026-06-17T09:54:10.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds write, potentially leading to code execution."},{"lang":"es","value":"Existe una vulnerabilidad de escritura fuera de límites en la funcionalidad EMF de Canva Affinity. Al usar un archivo EMF especialmente diseñado, un atacante podría explotar esta vulnerabilidad para realizar una escritura fuera de límites, lo que podría llevar a la ejecución de código."}],"affected":[{"source":"talos-cna@cisco.com","affectedData":[{"vendor":"Canva","product":"Affinity","versions":[{"version":"3.0.1.3808","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-18T13:57:49.084408Z","id":"CVE-2025-64301","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canva:affinity:*:*:*:*:*:windows:*:*","versionEndExcluding":"3.1.0","matchCriteriaId":"4C0FE26D-7256-455B-86B0-D69621C80C02"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2310","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://trust.canva.com/?tcuUid=1f728b0d-17f3-4c9c-97e9-6662b769eb62","source":"talos-cna@cisco.com","tags":["Vendor Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2310","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}