canva

BugcrowdView on Bugcrowd
RawAI Enhanced
18
In Scope
0
Out of Scope
In-Scope Assets (18)
AssetCategoryBountyQuick Links
*.canva-apps.cnURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.canva-apps.comURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.canva.cnURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.canva.comURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
3rd-Party Provider VulnerabilityOTHERYes-
Apps SDK SandboxingOTHERYes-
Canva (Android)ANDROIDYes-
Canva (Chrome Extension)OTHERYes-
Canva (iOS)IOSYes-
Canva Desktop (macOS / Windows)OTHERYes-
Leaked Credentials and Secrets (Canva Employee/Contractor)OTHERYes-
Leaked Credentials and Secrets (Canva User)OTHERYes-
https://*.canva.techURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
https://api.canva.comURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
https://www.canva.comURLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
https://www.canva.com/developers/URLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
https://www.canva.com/en_au/help/chatgpt-templates/URLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
https://www.canva.com/integrations/slack/URLYes
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
Scope Changes (128)
Mar 20, 2026
ChangeAssetCategoryScopeTime
Addedleaked credentials and secrets (canva user)OTHERIn Scope06:43
Addedhttps://www.canva.comURLIn Scope06:43
Addedhttps://www.canva.com/developersURLIn Scope06:43
Addedapps sdk sandboxingOTHERIn Scope06:43
Addedhttps://api.canva.comURLIn Scope06:43
Added*.canva.comURLIn Scope06:43
Added*.canva-apps.comURLIn Scope06:43
Added*.canva.techURLIn Scope06:43
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope06:43
Addedhttps://www.canva.com/integrations/slackURLIn Scope06:43
Addedcanva desktop (macos / windows)OTHERIn Scope06:43
Addedcanva (ios)IOSIn Scope06:43
Addedcanva (android)ANDROIDIn Scope06:43
Addedcanva (chrome extension)OTHERIn Scope06:43
Added*.canva.cnURLIn Scope06:43
Added*.canva-apps.cnURLIn Scope06:43
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope06:43
Addedapps sdk sandboxingOTHERIn Scope06:43
Added3rd-party provider vulnerabilityOTHERIn Scope06:43
Added*.canva.comWILDCARDIn Scope06:43
Addedcanva desktop (macos / windows)OTHERIn Scope06:43
Addedleaked credentials and secrets (canva user)OTHERIn Scope06:43
Addedhttps://www.canva.comURLIn Scope06:43
Addedhttps://api.canva.comURLIn Scope06:43
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope06:43
Addedcanva (ios)IOSIn Scope06:43
Addedcanva (android)ANDROIDIn Scope06:43
Added*.canva.cnWILDCARDIn Scope06:43
Added*.canva-apps.comWILDCARDIn Scope06:43
Added*.canva.techWILDCARDIn Scope06:43
Addedhttps://www.canva.com/integrations/slackURLIn Scope06:43
Addedcanva (chrome extension)OTHERIn Scope06:43
Added*.canva-apps.cnWILDCARDIn Scope06:43
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope06:43
Added3rd-party provider vulnerabilityOTHERIn Scope06:43
Addedhttps://www.canva.com/developersURLIn Scope06:43
Program Removed04:54
Mar 5, 2026
ChangeAssetCategoryScopeTime
Addedcanva (ios)IOSIn Scope22:27
Addedcanva (android)ANDROIDIn Scope22:27
Addedhttps://www.canva.comURLIn Scope22:27
Addedhttps://www.canva.com/developersURLIn Scope22:27
Addedapps sdk sandboxingOTHERIn Scope22:27
Addedhttps://api.canva.comURLIn Scope22:27
Added*.canva.comURLIn Scope22:27
Added*.canva-apps.comURLIn Scope22:27
Added*.canva.techURLIn Scope22:27
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope22:27
Addedhttps://www.canva.com/integrations/slackURLIn Scope22:27
Addedcanva desktop (macos / windows)OTHERIn Scope22:27
Added3rd-party provider vulnerabilityOTHERIn Scope22:27
Addedapps sdk sandboxingOTHERIn Scope22:27
Added3rd-party provider vulnerabilityOTHERIn Scope22:27
Addedhttps://api.canva.comURLIn Scope22:27
Added*.canva.comWILDCARDIn Scope22:27
Addedcanva desktop (macos / windows)OTHERIn Scope22:27
Added*.canva.cnWILDCARDIn Scope22:27
Added*.canva-apps.cnWILDCARDIn Scope22:27
Addedhttps://www.canva.comURLIn Scope22:27
Addedhttps://www.canva.com/developersURLIn Scope22:27
Added*.canva-apps.comWILDCARDIn Scope22:27
Added*.canva.techWILDCARDIn Scope22:27
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope22:27
Addedhttps://www.canva.com/integrations/slackURLIn Scope22:27
Addedcanva (android)ANDROIDIn Scope22:27
Addedcanva (chrome extension)OTHERIn Scope22:27
Addedcanva (ios)IOSIn Scope22:27
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope22:27
Addedleaked credentials and secrets (canva user)OTHERIn Scope22:27
Addedcanva (chrome extension)OTHERIn Scope22:27
Added*.canva.cnURLIn Scope22:27
Added*.canva-apps.cnURLIn Scope22:27
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope22:27
Addedleaked credentials and secrets (canva user)OTHERIn Scope22:27
Feb 25, 2026
ChangeAssetCategoryScopeTime
Added*.canva.comWILDCARDIn Scope19:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope19:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope19:14
Addedcanva (ios)IOSIn Scope19:14
Addedcanva (android)ANDROIDIn Scope19:14
Addedcanva (chrome extension)OTHERIn Scope19:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope19:14
Addedhttps://www.canva.comURLIn Scope19:14
Addedhttps://www.canva.com/developersURLIn Scope19:14
Added*.canva-apps.comWILDCARDIn Scope19:14
Added*.canva.techWILDCARDIn Scope19:14
Added*.canva.cnWILDCARDIn Scope19:14
Addedapps sdk sandboxingOTHERIn Scope19:14
Addedhttps://api.canva.comURLIn Scope19:14
Addedcanva desktop (macos / windows)OTHERIn Scope19:14
Added*.canva-apps.cnWILDCARDIn Scope19:14
Addedleaked credentials and secrets (canva user)OTHERIn Scope19:14
Added3rd-party provider vulnerabilityOTHERIn Scope19:14
Program Removed17:22
Addedhttps://www.canva.comURLIn Scope17:14
Addedhttps://www.canva.com/developersURLIn Scope17:14
Addedapps sdk sandboxingOTHERIn Scope17:14
Addedhttps://api.canva.comURLIn Scope17:14
Added*.canva.comURLIn Scope17:14
Added*.canva-apps.comURLIn Scope17:14
Added*.canva.techURLIn Scope17:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope17:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope17:14
Addedcanva desktop (macos / windows)OTHERIn Scope17:14
Addedcanva (ios)IOSIn Scope17:14
Addedcanva (android)ANDROIDIn Scope17:14
Addedcanva (chrome extension)OTHERIn Scope17:14
Added*.canva.cnURLIn Scope17:14
Added*.canva-apps.cnURLIn Scope17:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope17:14
Addedleaked credentials and secrets (canva user)OTHERIn Scope17:14
Added3rd-party provider vulnerabilityOTHERIn Scope17:14
Added*.canva.techWILDCARDIn Scope17:14
Addedcanva (ios)IOSIn Scope17:14
Added*.canva-apps.cnWILDCARDIn Scope17:14
Addedleaked credentials and secrets (canva employee/contractor)OTHERIn Scope17:14
Addedleaked credentials and secrets (canva user)OTHERIn Scope17:14
Added3rd-party provider vulnerabilityOTHERIn Scope17:14
Addedhttps://api.canva.comURLIn Scope17:14
Added*.canva.comWILDCARDIn Scope17:14
Addedhttps://www.canva.com/integrations/slackURLIn Scope17:14
Addedcanva (android)ANDROIDIn Scope17:14
Addedhttps://www.canva.comURLIn Scope17:14
Addedhttps://www.canva.com/developersURLIn Scope17:14
Addedhttps://www.canva.com/en_au/help/chatgpt-templatesURLIn Scope17:14
Addedcanva desktop (macos / windows)OTHERIn Scope17:14
Added*.canva.cnWILDCARDIn Scope17:14
Addedapps sdk sandboxingOTHERIn Scope17:14
Addedcanva (chrome extension)OTHERIn Scope17:14
Added*.canva-apps.comWILDCARDIn Scope17:14