n24q02m/better-email-mcp

v1.9.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo MCP Data & Storage

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-agents ai-coding claude claude-code cursor docker

+7 more

email imap mcp mcp-server model-context-protocol smtp typescript

Affected surfaces

rce_ssrf

Summary

AI summary

Add URL validation, path traversal protection, and PR template.

Full changelog

v1.9.0 (2026-03-08)

Bug Fixes

Update send.md to reflect auto-auth flow (adba331)

Features

security: Add URL validation, path traversal protection, and PR template (aec4bd9)

Detailed Changes: v1.8.0...v1.9.0

Security Fixes

URL validation and path traversal protection mitigate injection/abuse risks

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track n24q02m/better-email-mcp

Get notified when new releases ship.

About n24q02m/better-email-mcp

IMAP/SMTP email MCP server with App Passwords (no OAuth2). Auto-discovers Gmail, Outlook, Yahoo, iCloud. 5 composite tools: search, read, send, reply, forward. Multi-account support.

All releases →