Outlook OAuth MCP Server

Enables interaction with Microsoft Outlook for managing emails and calendars through OAuth2 delegated access. It provides a stateless, spec-compliant server that allows users to authenticate and perform mail and calendar operations with their own Microsoft accounts.

→ Leonine-Studios/useful-outlook-mcp · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

🚨

Known vulnerabilities in dependencies: 2 critical, 2 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

🔐

You'll be asked for 1 credential: MS365_MCP_CLIENT_SECRET

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// known CVEs in dependencies2 critical2 high

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

criticalvitest@3.0.0GHSA-5xrq-8626-4rwp

When Vitest UI server is listening, arbitrary file can be read and executed

criticalvitest@3.0.0GHSA-9crc-q9x8-hgqq

Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

high@modelcontextprotocol/sdk@1.25.0GHSA-345p-7cg4-v4c7

@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse

high@modelcontextprotocol/sdk@1.25.0GHSA-8r9q-7v3j-jr4g

Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

Depend on this server? Get alerted when its CVEs change.Watch this server free →

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configMS365_MCP_ALLOWED_TENANTS— Restrict to specific tenants

configMS365_MCP_CLIENT_ID— your-azure-ad-client-id

🔐 secretMS365_MCP_CLIENT_SECRET— your-azure-ad-client-secret

configMS365_MCP_CORS_ORIGIN— CORS origins

configMS365_MCP_ENABLED_TOOLS— all Comma-separated tool allowlist

configMS365_MCP_HOST

configMS365_MCP_LOG_LEVEL

configMS365_MCP_PORT— 3000 Server port

configMS365_MCP_RATE_LIMIT_REQUESTS— 30 Requests per window

configMS365_MCP_RATE_LIMIT_WINDOW_MS— 60000 Window size (ms)

configMS365_MCP_READ_ONLY_MODE— false Disable write operations

configMS365_MCP_TENANT_ID— your-tenant-id # or 'common'

configMS365_MCP_USE_TONL

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 4 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/leonine-studios-useful-outlook-mcp-16iuyl)](https://m8ven.ai/mcp/leonine-studios-useful-outlook-mcp-16iuyl)

commit: 425050d631f192d497ffdda0c56ea48d8c285d5a

code hash: c3016b4d37fac81dc7b4cb8c20d3f7fb07d82056445088b1dd2dac86fa74f6e2

verified: 6/13/2026, 10:53:38 AM

view raw JSON →