Medium

Microsoft Excel Copilot Agent Information Disclosure via XSS

IdentifiersCVE-2026-26144CWE-79· Improper Neutralization of Input…

CVE-2026-26144 is a critical information disclosure vulnerability in Microsoft Excel caused by improper neutralization of input during web page generation, i.e., a cross-site scripting (XSS) flaw. The available reporting indicates that a maliciously crafted Excel file can trigger the vulnerability when opened, allowing attacker-controlled content to execute within Excel’s context and interact with Microsoft 365 Copilot Agent mode. Microsoft and multiple secondary sources describe the resulting behavior as causing Copilot Agent mode to exfiltrate spreadsheet data via unintended network egress. The issue is notable because the XSS condition appears to transform a traditional client-side injection bug into a higher-impact data disclosure path through the AI assistant embedded in Excel.

For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can disclose sensitive spreadsheet contents over the network to an attacker-controlled endpoint. In environments using Microsoft 365 Copilot / Copilot Agent mode, the vulnerability may enable silent or effectively zero-click data exfiltration without additional user prompts, materially increasing the impact beyond a conventional XSS issue. The exposed data could include confidential corporate, financial, operational, or other information present in the workbook or accessible to the Copilot-enabled Excel session.

Mitigation

If you can’t patch tonight, do this now.

If patching cannot be completed immediately, restrict or block unnecessary outbound network access from Excel and other AI-enabled Office applications, especially arbitrary HTTP/HTTPS egress. Monitor Excel-originated or AI-subsystem-originated network requests, particularly POST traffic to unfamiliar endpoints. Where operationally feasible, disable or limit Copilot Agent mode in Excel until the patch is deployed. More broadly, treat embedded AI assistants as privileged components in threat models and apply tighter egress controls and telemetry around their activity.

Remediation

Patch, then assume compromise.

Apply Microsoft's March 10, 2026 security updates that address CVE-2026-26144. For Microsoft 365 Apps for Enterprise, the fix is delivered via Click-to-Run updates. Organizations should ensure affected Excel and Microsoft 365 Office installations are updated to the latest patched build through normal Microsoft update channels and verify deployment across 32-bit and 64-bit installations where applicable.

PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType

Microsoft Corporation365 Appsapplication

Microsoft CorporationExcelapplication

Microsoft CorporationOffice Excelapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

37 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

37 SOURCESView more in app

dark readingNews

Apr 17, 2026

Every Old Vulnerability Is Now an AI Vulnerability

A Microsoft Excel cross-site scripting vulnerability that, when chained with Copilot Agent mode, can enable silent data exfiltration from spreadsheets via the AI agent without user interaction.

sentinelone blogNews

Mar 13, 2026

The Good, the Bad and the Ugly in Cybersecurity - Week 11

An Excel information disclosure vulnerability that could leak data through Copilot.

techrepublic com securityNews

Mar 11, 2026

Patch Alert: Microsoft Fixes Nearly 80 Bugs, Including Critical Office Flaws

Microsoft Excel information disclosure in Copilot Agent mode that could leak sensitive data across a network.

arctic wolf blogNews

Mar 11, 2026

Microsoft Patch Tuesday: March 2026 | Arctic Wolf

Unknown

+10 more in the timeline

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.

Start free trial

Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity22

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES

MITRE CVE

cve.org · CVE-2026-26144

NVD

nvd.nist.gov/vuln/detail/CVE-2026-26144

MITRE CWE · CWE-79

Improper Neutralization of Input During Web…

Vendor Advisory

msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26144