This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+9 more
Affected surfaces
ReleasePort's take
Light signalOneDrive macOS client v3.0.243 now limits file access to the user's OneDrive folder only.
Why it matters: Restricts accidental full‑Mac browsing; relevant for all users of the OneDrive macOS client.
Summary
AI summaryOneDrive file listing now restricts access to the user's OneDrive folder, preventing accidental full‑Mac browsing.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Critical |
Restricts OneDrive file access to designated OneDrive folders only. Restricts OneDrive file access to designated OneDrive folders only. Source: llm_adapter@2026-06-01 Confidence: low |
— |
| Security | High |
Restricts OneDrive file listing to within OneDrive folders on macOS. Restricts OneDrive file listing to within OneDrive folders on macOS. Source: granite4.1:30b@2026-06-01-audit Confidence: low |
— |
Full changelog
OneDrive file listing now stays inside your OneDrive folders — agents can no longer browse your entire Mac by mistake.
Security Fixes
- OneDrive file listing now limited to the user's OneDrive directory, preventing unintended full‑system browsing.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About lanchuske/local-mcp
Connect Claude, Cursor, Windsurf and other AI agents to macOS native apps: Mail, Calendar, Contacts, Reminders, Notes, iMessage, Finder, Safari, OmniFocus, Microsoft Teams, Outlook, OneDrive, and Office documents. 82 tools. Runs entirely on your Mac — no cloud, no tokens, no API keys.
Related context
Beta — feedback welcome: [email protected]