littlebearapps/outlook-assistant

v3.3.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai ai-agents automation calendar claude claude-code

+14 more

contacts cursor email email-automation llm mcp mcp-server microsoft-365 microsoft-graph microsoft-graph-api model-context-protocol outlook productivity windsurf

Affected surfaces

auth

Summary

AI summary

Fixed express-rate-limit vulnerability that allowed IPv4‑mapped IPv6 addresses to bypass per‑client rate limiting.

Full changelog

What's Changed

New

Demo GIF in README — Speed-ramped screen recording (39s) showing the full workflow: search inbox → read & summarise → draft a reply, with drop shadow on white canvas

Security

Fix express-rate-limit vulnerability (GHSA-46wh-pxpv-q5gq) — IPv4-mapped IPv6 addresses could bypass per-client rate limiting on dual-stack servers. Updated express-rate-limit 8.2.1 → 8.3.0

Maintenance

Updated ip-address 10.0.1 → 10.1.0
Fixed git worktree configuration after project rename

Security Fixes

GHSA-46wh-pxpv-q5gq — Updated express-rate-limit from 8.2.1 to 8.3.0; fixes bypass of per‑client rate limiting via IPv4‑mapped IPv6 addresses on dual‑stack servers

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track littlebearapps/outlook-assistant

Get notified when new releases ship.

About littlebearapps/outlook-assistant

Ask your AI assistant to search your inbox, send emails, schedule meetings, manage contacts, and configure mailbox settings — without leaving the conversation. Works with Claude, Cursor, Windsurf, and any MCP-compatible client.

All releases →