Security Vulnerability in Ramp's Sheets AI Allowed Data Exfiltration via Spreadsheet Formulas
By
takira
1mo ago· 5 min readenNews
100/100
Golden Brown
Bagelometer↗
Hot, fresh, and worth queueing round the block for.
Score100TypenewsSentimentnegative
Summary
A security vulnerability was discovered in Ramp's Sheets AI, an agentic product that helps users operate on spreadsheets. The feature could edit spreadsheets without human oversight and was vulnerable to data exfiltration because it could insert formulas that trigger external communication. The issue was responsibly disclosed to Ramp and resolved on March 16, 2026.
Key quotes
· 4 pulledThis vulnerability was responsibly disclosed to Ramp, and Ramp's security team has indicated the issue was resolved on March 16, 2026.
Ramp's Sheets AI is an agentic product that helps users operate on spreadsheets, comparable to Claude for Excel.
The feature can edit spreadsheets without a human-in-the-loop and was vulnerable to data exfiltration risks due to its ability to insert formulas that trigger external communication.
We appreciate Ramp's dedication to maintaining a strong AI security posture.
Assess and monitor risk from AI in vendors with novel intelligence on emerging threats. Stay ahead of AI-driven third-party risk with continuous moitoring and adaptive insight.
