Mattermost · Teams Plugin · CVE-2026-2476
**Name of the Vulnerable Software and Affected Versions**
Mattermost Plugins versions through 2.0.3.0
**Description**
The Mattermost plugins do not properly mask sensitive configuration values. This allows an attacker with access to support packets to obtain original plugin settings through exported configuration data. The Mattermost Microsoft Teams Plugin is also affected.
**Recommendations**
Update to a version of Mattermost Plugins greater than 2.0.3.0.