Program Removed

This program is no longer available on Bugcrowd. The scope data shown below is historical and may not reflect the final state of the program.

canva

BugcrowdView on Bugcrowd
RawAI Enhanced
36
In Scope
0
Out of Scope
In-Scope Assets (36)
AssetCategoryBountyQuick Links
*.canva-apps.cnURLYes
*.canva-apps.comURLYes
*.canva.cnURLYes
*.canva.comURLYes
*.canva.techURLYes
3rd-party provider vulnerabilityOTHERYes-
3rd-party provider vulnerabilityOTHERYes-
apps sdk sandboxingOTHERYes-
apps sdk sandboxingOTHERYes-
canva (android)ANDROIDYes-
canva (android)ANDROIDYes-
canva (chrome extension)OTHERYes-
canva (chrome extension)OTHERYes-
canva (ios)IOSYes-
canva (ios)IOSYes-
canva desktop (macos / windows)OTHERYes-
canva desktop (macos / windows)OTHERYes-
canva-apps.cnWILDCARDYes
canva-apps.comWILDCARDYes
canva.cnWILDCARDYes
canva.comWILDCARDYes
canva.techWILDCARDYes
https://api.canva.comURLYes
https://api.canva.comURLYes
https://www.canva.comURLYes
https://www.canva.comURLYes
https://www.canva.com/developersURLYes
https://www.canva.com/developersURLYes
https://www.canva.com/en_au/help/chatgpt-templatesURLYes
https://www.canva.com/en_au/help/chatgpt-templatesURLYes
https://www.canva.com/integrations/slackURLYes
https://www.canva.com/integrations/slackURLYes
leaked credentials and secrets (canva employee/contractor)OTHERYes-
leaked credentials and secrets (canva employee/contractor)OTHERYes-
leaked credentials and secrets (canva user)OTHERYes-
leaked credentials and secrets (canva user)OTHERYes-
Scope Changes (277)
Jun 26, 2026
ChangeAssetCategoryScopeTime
Program Removed06:34
Jun 25, 2026
ChangeAssetCategoryScopeTime
Addedleaked credentials and secrets (canva user)OTHERIn Scope02:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope02:31
Added*.canva-apps.cnURLIn Scope02:31
Added*.canva.cnURLIn Scope02:31
Addedcanva (chrome extension)OTHERIn Scope02:31
Addedcanva (android)ANDROIDIn Scope02:31
Addedcanva (ios)IOSIn Scope02:31
Addedcanva desktop (macos / windows)OTHERIn Scope02:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope02:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope02:31
Added*.canva.techURLIn Scope02:31
Added*.canva-apps.comURLIn Scope02:31
Added*.canva.comURLIn Scope02:31
Addedhttps://api.canva.comURLIn Scope02:31
Addedapps sdk sandboxingOTHERIn Scope02:31
Added3rd-party provider vulnerabilityOTHERIn Scope02:31
Addedhttps://www.canva.com/developersURLIn Scope02:31
Addedhttps://www.canva.comURLIn Scope02:31
Addedleaked credentials and secrets (canva user)OTHERIn Scope02:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope02:31
Added*.canva.comWILDCARDIn Scope02:31
Addedhttps://www.canva.comURLIn Scope02:31
Added*.canva-apps.cnWILDCARDIn Scope02:31
Added*.canva.cnWILDCARDIn Scope02:31
Addedapps sdk sandboxingOTHERIn Scope02:31
Addedhttps://www.canva.com/developersURLIn Scope02:31
Addedcanva (ios)IOSIn Scope02:31
Addedcanva desktop (macos / windows)OTHERIn Scope02:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope02:31
Added*.canva.techWILDCARDIn Scope02:31
Added*.canva-apps.comWILDCARDIn Scope02:31
Addedhttps://api.canva.comURLIn Scope02:31
Addedcanva (chrome extension)OTHERIn Scope02:31
Addedcanva (android)ANDROIDIn Scope02:31
Added3rd-party provider vulnerabilityOTHERIn Scope02:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope02:31
Program Removed01:41
Jun 24, 2026
ChangeAssetCategoryScopeTime
Added*.canva-apps.comURLIn Scope23:31
Addedcanva (android)ANDROIDIn Scope23:31
Addedcanva (ios)IOSIn Scope23:31
Added*.canva.techWILDCARDIn Scope23:31
Addedhttps://www.canva.com/developersURLIn Scope23:31
Added3rd-party provider vulnerabilityOTHERIn Scope23:31
Addedcanva desktop (macos / windows)OTHERIn Scope23:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope23:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope23:31
Addedcanva (chrome extension)OTHERIn Scope23:31
Added*.canva-apps.comWILDCARDIn Scope23:31
Addedhttps://api.canva.comURLIn Scope23:31
Addedhttps://www.canva.comURLIn Scope23:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope23:31
Added*.canva.cnWILDCARDIn Scope23:31
Added*.canva.comWILDCARDIn Scope23:31
Addedapps sdk sandboxingOTHERIn Scope23:31
Addedleaked credentials and secrets (canva user)OTHERIn Scope23:31
Added*.canva-apps.cnWILDCARDIn Scope23:31
Added3rd-party provider vulnerabilityOTHERIn Scope23:31
Addedleaked credentials and secrets (canva user)OTHERIn Scope23:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope23:31
Added*.canva-apps.cnURLIn Scope23:31
Added*.canva.cnURLIn Scope23:31
Addedcanva (chrome extension)OTHERIn Scope23:31
Addedcanva (android)ANDROIDIn Scope23:31
Addedcanva (ios)IOSIn Scope23:31
Addedcanva desktop (macos / windows)OTHERIn Scope23:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope23:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope23:31
Added*.canva.comURLIn Scope23:31
Addedhttps://api.canva.comURLIn Scope23:31
Addedapps sdk sandboxingOTHERIn Scope23:31
Addedhttps://www.canva.com/developersURLIn Scope23:31
Addedhttps://www.canva.comURLIn Scope23:31
Added*.canva.techURLIn Scope23:31
Program Removed22:41
Added*.canva-apps.comWILDCARDIn Scope20:31
Addedhttps://www.canva.comURLIn Scope20:31
Addedhttps://www.canva.com/developersURLIn Scope20:31
Addedapps sdk sandboxingOTHERIn Scope20:31
Addedhttps://api.canva.comURLIn Scope20:31
Added*.canva.comURLIn Scope20:31
Added*.canva-apps.comURLIn Scope20:31
Added*.canva.techURLIn Scope20:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope20:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope20:31
Addedcanva desktop (macos / windows)OTHERIn Scope20:31
Addedcanva (ios)IOSIn Scope20:31
Addedcanva (android)ANDROIDIn Scope20:31
Addedcanva (chrome extension)OTHERIn Scope20:31
Added*.canva.cnURLIn Scope20:31
Added*.canva-apps.cnURLIn Scope20:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope20:31
Addedleaked credentials and secrets (canva user)OTHERIn Scope20:31
Added3rd-party provider vulnerabilityOTHERIn Scope20:31
Added*.canva.techWILDCARDIn Scope20:31
Addedhttps://www.canva.com/integrations/slackURLIn Scope20:31
Addedcanva (chrome extension)OTHERIn Scope20:31
Added*.canva-apps.cnWILDCARDIn Scope20:31
Added3rd-party provider vulnerabilityOTHERIn Scope20:31
Addedapps sdk sandboxingOTHERIn Scope20:31
Added*.canva.comWILDCARDIn Scope20:31
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope20:31
Addedleaked credentials and secrets (canva user)OTHERIn Scope20:31
Addedhttps://www.canva.com/developersURLIn Scope20:31
Addedhttps://api.canva.comURLIn Scope20:31
Addedcanva (android)ANDROIDIn Scope20:31
Added*.canva.cnWILDCARDIn Scope20:31
Addedhttps://www.canva.comURLIn Scope20:31
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope20:31
Addedcanva desktop (macos / windows)OTHERIn Scope20:31
Addedcanva (ios)IOSIn Scope20:31
Program Removed19:41
Jun 17, 2026
ChangeAssetCategoryScopeTime
Addedcanva (android)ANDROIDIn Scope11:32
Addedhttps://www.canva.comURLIn Scope11:32
Addedleaked credentials and secrets (canva user)OTHERIn Scope11:32
Added3rd-party provider vulnerabilityOTHERIn Scope11:32
Addedcanva desktop (macos / windows)OTHERIn Scope11:32
Addedhttps://www.canva.com/integrations/slackURLIn Scope11:32
Added*.canva-apps.comWILDCARDIn Scope11:32
Addedhttps://api.canva.comURLIn Scope11:32
Addedapps sdk sandboxingOTHERIn Scope11:32
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope11:32
Addedcanva (chrome extension)OTHERIn Scope11:32
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope11:32
Addedhttps://www.canva.com/developersURLIn Scope11:32
Added*.canva-apps.cnWILDCARDIn Scope11:32
Added*.canva.cnWILDCARDIn Scope11:32
Added3rd-party provider vulnerabilityOTHERIn Scope11:32
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope11:32
Addedleaked credentials and secrets (canva user)OTHERIn Scope11:32
Addedcanva (ios)IOSIn Scope11:32
Added*.canva.comWILDCARDIn Scope11:32
Added*.canva.techWILDCARDIn Scope11:32
Addedhttps://www.canva.comURLIn Scope11:32
Addedhttps://www.canva.com/developersURLIn Scope11:32
Addedapps sdk sandboxingOTHERIn Scope11:32
Addedhttps://api.canva.comURLIn Scope11:32
Added*.canva.comURLIn Scope11:32
Added*.canva-apps.comURLIn Scope11:32
Added*.canva.techURLIn Scope11:32
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope11:32
Addedhttps://www.canva.com/integrations/slackURLIn Scope11:32
Addedcanva desktop (macos / windows)OTHERIn Scope11:32
Addedcanva (ios)IOSIn Scope11:32
Addedcanva (android)ANDROIDIn Scope11:32
Addedcanva (chrome extension)OTHERIn Scope11:32
Added*.canva.cnURLIn Scope11:32
Added*.canva-apps.cnURLIn Scope11:32
Program Removed10:34
Mar 20, 2026
ChangeAssetCategoryScopeTime
Added*.canva.cnWILDCARDIn Scope06:43
Addedapps sdk sandboxingOTHERIn Scope06:43
Addedhttps://www.canva.comURLIn Scope06:43
Addedhttps://www.canva.com/developersURLIn Scope06:43
Addedapps sdk sandboxingOTHERIn Scope06:43
Addedhttps://api.canva.comURLIn Scope06:43
Added*.canva.comURLIn Scope06:43
Added*.canva-apps.comURLIn Scope06:43
Added*.canva.techURLIn Scope06:43
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope06:43
Addedhttps://www.canva.com/integrations/slackURLIn Scope06:43
Addedcanva desktop (macos / windows)OTHERIn Scope06:43
Addedcanva (ios)IOSIn Scope06:43
Addedcanva (android)ANDROIDIn Scope06:43
Addedcanva (chrome extension)OTHERIn Scope06:43
Added*.canva.cnURLIn Scope06:43
Added*.canva-apps.cnURLIn Scope06:43
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope06:43
Addedleaked credentials and secrets (canva user)OTHERIn Scope06:43
Added3rd-party provider vulnerabilityOTHERIn Scope06:43
Added*.canva.comWILDCARDIn Scope06:43
Addedcanva desktop (macos / windows)OTHERIn Scope06:43
Addedleaked credentials and secrets (canva user)OTHERIn Scope06:43
Addedhttps://www.canva.comURLIn Scope06:43
Addedhttps://api.canva.comURLIn Scope06:43
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope06:43
Addedcanva (ios)IOSIn Scope06:43
Addedcanva (android)ANDROIDIn Scope06:43
Added*.canva-apps.comWILDCARDIn Scope06:43
Added*.canva.techWILDCARDIn Scope06:43
Addedhttps://www.canva.com/integrations/slackURLIn Scope06:43
Addedcanva (chrome extension)OTHERIn Scope06:43
Added*.canva-apps.cnWILDCARDIn Scope06:43
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope06:43
Added3rd-party provider vulnerabilityOTHERIn Scope06:43
Addedhttps://www.canva.com/developersURLIn Scope06:43
Program Removed04:54
Mar 5, 2026
ChangeAssetCategoryScopeTime
Addedhttps://www.canva.comURLIn Scope22:27
Addedleaked credentials and secrets (canva user)OTHERIn Scope22:27
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope22:27
Addedcanva (ios)IOSIn Scope22:27
Addedcanva (chrome extension)OTHERIn Scope22:27
Addedcanva (android)ANDROIDIn Scope22:27
Addedhttps://www.canva.com/integrations/slackURLIn Scope22:27
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope22:27
Added*.canva.techWILDCARDIn Scope22:27
Added*.canva-apps.comWILDCARDIn Scope22:27
Addedhttps://www.canva.com/developersURLIn Scope22:27
Addedhttps://www.canva.comURLIn Scope22:27
Added*.canva-apps.cnWILDCARDIn Scope22:27
Added*.canva.cnWILDCARDIn Scope22:27
Addedcanva desktop (macos / windows)OTHERIn Scope22:27
Added*.canva.comWILDCARDIn Scope22:27
Addedhttps://api.canva.comURLIn Scope22:27
Added3rd-party provider vulnerabilityOTHERIn Scope22:27
Addedapps sdk sandboxingOTHERIn Scope22:27
Added3rd-party provider vulnerabilityOTHERIn Scope22:27
Addedleaked credentials and secrets (canva user)OTHERIn Scope22:27
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope22:27
Added*.canva-apps.cnURLIn Scope22:27
Added*.canva.cnURLIn Scope22:27
Addedcanva (chrome extension)OTHERIn Scope22:27
Addedcanva (ios)IOSIn Scope22:27
Addedcanva desktop (macos / windows)OTHERIn Scope22:27
Addedhttps://www.canva.com/integrations/slackURLIn Scope22:27
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope22:27
Added*.canva.techURLIn Scope22:27
Addedcanva (android)ANDROIDIn Scope22:27
Added*.canva-apps.comURLIn Scope22:27
Added*.canva.comURLIn Scope22:27
Addedhttps://api.canva.comURLIn Scope22:27
Addedhttps://www.canva.com/developersURLIn Scope22:27
Addedapps sdk sandboxingOTHERIn Scope22:27
Feb 25, 2026
ChangeAssetCategoryScopeTime
Added*.canva.techWILDCARDIn Scope19:14
Added*.canva-apps.comWILDCARDIn Scope19:14
Addedhttps://www.canva.com/developersURLIn Scope19:14
Addedhttps://www.canva.comURLIn Scope19:14
Addedapps sdk sandboxingOTHERIn Scope19:14
Added*.canva.cnWILDCARDIn Scope19:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope19:14
Addedcanva (chrome extension)OTHERIn Scope19:14
Addedcanva (android)ANDROIDIn Scope19:14
Addedcanva (ios)IOSIn Scope19:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope19:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope19:14
Added*.canva.comWILDCARDIn Scope19:14
Added3rd-party provider vulnerabilityOTHERIn Scope19:14
Addedleaked credentials and secrets (canva user)OTHERIn Scope19:14
Added*.canva-apps.cnWILDCARDIn Scope19:14
Addedcanva desktop (macos / windows)OTHERIn Scope19:14
Addedhttps://api.canva.comURLIn Scope19:14
Program Removed17:22
Addedleaked credentials and secrets (canva user)OTHERIn Scope17:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope17:14
Added*.canva-apps.cnURLIn Scope17:14
Added*.canva.cnURLIn Scope17:14
Addedcanva (chrome extension)OTHERIn Scope17:14
Addedcanva (android)ANDROIDIn Scope17:14
Addedcanva (ios)IOSIn Scope17:14
Addedcanva desktop (macos / windows)OTHERIn Scope17:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope17:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope17:14
Added*.canva.techURLIn Scope17:14
Added*.canva-apps.comURLIn Scope17:14
Added*.canva.comURLIn Scope17:14
Addedhttps://api.canva.comURLIn Scope17:14
Addedapps sdk sandboxingOTHERIn Scope17:14
Addedhttps://www.canva.comURLIn Scope17:14
Addedhttps://www.canva.com/developersURLIn Scope17:14
Addedcanva (chrome extension)OTHERIn Scope17:14
Added*.canva-apps.comWILDCARDIn Scope17:14
Addedapps sdk sandboxingOTHERIn Scope17:14
Added*.canva.cnWILDCARDIn Scope17:14
Addedcanva desktop (macos / windows)OTHERIn Scope17:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope17:14
Addedhttps://www.canva.com/developersURLIn Scope17:14
Addedhttps://www.canva.comURLIn Scope17:14
Addedcanva (android)ANDROIDIn Scope17:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope17:14
Added*.canva.comWILDCARDIn Scope17:14
Addedhttps://api.canva.comURLIn Scope17:14
Added3rd-party provider vulnerabilityOTHERIn Scope17:14
Addedleaked credentials and secrets (canva user)OTHERIn Scope17:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope17:14
Added*.canva-apps.cnWILDCARDIn Scope17:14
Addedcanva (ios)IOSIn Scope17:14
Added*.canva.techWILDCARDIn Scope17:14
Added3rd-party provider vulnerabilityOTHERIn Scope17:14