n24q02m/better-email-mcp

v1.3.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo MCP Data & Storage

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-agents ai-coding claude claude-code cursor docker

+7 more

email imap mcp mcp-server model-context-protocol smtp typescript

Affected surfaces

deps breaking_upgrade

Summary

AI summary

Resolved XSS vulnerability in textToHtml.

Full changelog

v1.3.0 (2026-03-06)

Bug Fixes

Fix Codecov badge in README (317931b)
deps: Update dependency nodemailer to v8 (#109, 38c5a6d)
deps: Update non-major dependencies (#114, f0770e3)
security: Resolve code scanning alerts and XSS in textToHtml (046ef8f)

Chores

deps: Lock file maintenance (#115, 1097c17)
deps: Update actions/setup-node digest to 53b8394 (#118, eeed317)
deps: Update dependency @types/node to v25 (#40, 2fbd9d9)

Features

Add comprehensive Phase 5 live test via MCP protocol (95f6af6)

Detailed Changes: v1.2.5...v1.3.0

Security Fixes

Resolved XSS vulnerability in textToHtml

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track n24q02m/better-email-mcp

Get notified when new releases ship.

About n24q02m/better-email-mcp

IMAP/SMTP email MCP server with App Passwords (no OAuth2). Auto-discovers Gmail, Outlook, Yahoo, iCloud. 5 composite tools: search, read, send, reply, forward. Multi-account support.

All releases →