rps321321/obsidian-mcp-pro

v1.1.0 Security

This release includes 5 security fixes for security teams reviewing exposed deployments.

Published 2mo MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 5 known CVEs

Affected surfaces

rce_ssrf

Summary

AI summary

Fixed critical path traversal vulnerabilities and added isError flag to all error responses.

Full changelog

What's New in v1.1.0

Security Fixes (Critical)

Fixed path traversal vulnerability in MCP resource handler
Fixed path traversal prefix bypass in resolveVaultPath
Added null byte rejection in path validation
Validated trash path against traversal attacks
Fixed noteExists bypassing path validation

Bug Fixes

Fixed content duplication in get_note and get_daily_note (frontmatter shown twice)
Replaced broken YAML frontmatter serializer with gray-matter stringify
Fixed tilde fence (~~~) detection in code block tracker
Converted sync I/O to async in tags resource handler
Fixed ensureNewline creating double newlines in append_to_note

Protocol Compliance

Added isError: true to all error responses across all 23 tools
Changed resource template URI to support slashes in paths
Added .min(1) validation to all path parameters

Correctness

Strip #heading and ^block-ref before wikilink resolution
Case-insensitive wikilink resolution
Unicode tag support (CJK, Cyrillic, Latin Extended)
Tag regex no longer matches ATX headings
Support singular tag and alias frontmatter keys
Added maxResults to search_by_tag, find_orphans, find_broken_links

Platform

Respect XDG_CONFIG_HOME on Linux
Case-insensitive directory exclusion
Add .git to excluded directories

Packaging

Removed unused glob dependency
Bumped engines to >=18.17.0
Added homepage and bugs fields

Install

{
  "mcpServers": {
    "obsidian": {
      "command": "npx",
      "args": ["-y", "obsidian-mcp-pro"]
    }
  }
}

Security Fixes

Fixed path traversal vulnerability in MCP resource handler
Fixed path traversal prefix bypass in `resolveVaultPath`
Added null byte rejection in path validation
Validated trash path against traversal attacks
Fixed `noteExists` bypassing path validation

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track rps321321/obsidian-mcp-pro

Get notified when new releases ship.

About rps321321/obsidian-mcp-pro

Feature-complete Obsidian vault MCP server with 23 tools and 3 resources. Full-text search, note CRUD, frontmatter queries, tag management, backlinks, graph traversal (BFS up to 5 hops), orphan/broken link detection, and canvas support. Auto-detects vault, path traversal protection, MIT licensed.

All releases →