Vulnerabilities

CVE-2025-12792

by Fred · 18/11/2025

The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC (Transparency, Consent, and Control) permissions assigned to Canva.

More information : https://trust.canva.com/?tcuUid=1e77a34b-f586-450b-b30d-b6e17d15b443

Similar

Tags: Cybersecurity Alert