Skip to content

n24q02m/mnemo-mcp

v1.20.3 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai-agents ai-coding ai-memory claude claude-code cursor
+8 more
docker hybrid-search mcp mcp-server model-context-protocol python rclone sqlite

Affected surfaces

deps breaking_upgrade

Summary

AI summary

Fixed SQL injection vulnerability in the update method.

Full changelog

v1.20.3 (2026-04-19)

This release is published under the MIT License.

Bug Fixes

  • Add tests for GDrive OAuth failure callback + token save error paths (#466, b49e217)

  • Bump mcp-core to 1.3.0 (#462, 088a730)

  • Bump n24q02m-mcp-core to 1.4.0 (#468, be37093)

  • Silence ty invalid-assignment on _ConnProxy test wrapper (#463, 33b967d)

  • Surface OAuth token save failures in GDrive device code poll (#466, b49e217)

  • Sync mnemo GDrive OAuth defaults to match wet-mcp parity (d172f92)

  • Untrack .jules AI traces + add .Jules/.superpower to gitignore (858682e)

  • config: Remove hardcoded oauth credentials (#434, edfc2a1)

  • db: Use 'k = ?' constraint for vector search compatibility (#453, 29c1a22)

  • db: Use static parameterized query for all fields in update method (#455, 6e50ee1)

  • relay: Modularize ensure_config long method (#442, 3f6c38f)

  • security: Resolve SQL injection in update method and fix CI type errors (#455, 6e50ee1)

  • server: Refactor config tool to reduce complexity (#452, b4cfe8b)

  • sync: Refactor setup_google_auth into smaller helper methods (#450, 6a32f11)

Chores

Performance Improvements

  • sync: Refactor folder ID caching to use asynchronous I/O (#443, 6704aac)

  • token-store: Make token storage operations asynchronous (#449, 5d23f9f)

Testing

  • config: Achieve 100% coverage for GPU and reranker detection (#445, 777fb97)

  • relay: Add apply_config tests and consolidate module tests (#444, daf6d6e)

Detailed Changes: v1.20.2...v1.20.3

Security Fixes

  • Resolved SQL injection vulnerability in the update method ([#455](https://github.com/n24q02m/mnemo-mcp/pull/455))
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track n24q02m/mnemo-mcp

Get notified when new releases ship.

Sign up free

About n24q02m/mnemo-mcp

Persistent AI memory with SQLite hybrid search (FTS5 + semantic). Built-in Qwen3 embedding, rclone sync across machines. Zero config, no cloud, no limits.

All releases →

Related context

Beta — feedback welcome: [email protected]