A production-ready MCP server that provides secure, delegated access to Microsoft 365 services including Email, SharePoint, OneDrive, and Calendar. It enables AI models to search messages, browse files, manage calendar events, and parse document contents using OAuth 2.1 authentication.
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry β install directly from whichever one you prefer.
Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.
When Vitest UI server is listening, arbitrary file can be read and executed
Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening
Anthropic's MCP TypeScript SDK has a ReDoS vulnerability
Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default
uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided
process.env. You'll be asked to provide them before it can run.AZURE_CLIENT_IDβ your-client-idAZURE_CLIENT_SECRETβ your-client-secretAZURE_TENANT_IDβ your-tenant-idFILE_PARSE_MAX_OUTPUT_KBβ No 500 Max parsed text output sizeFILE_PARSE_TIMEOUT_MSβ No 30000 Document parsing timeoutGRAPH_API_TIMEOUT_MSLOG_LEVELβ No info Log level (trace/debug/info/warn/error)MCP_SERVER_BASE_URLβ No http://localhost:3000 Public URL (HTTPS required in production)MCP_SERVER_PORTβ No 3000 Server portOAUTH_ACCESS_TOKEN_LIFETIME_SECSOAUTH_ALLOWED_REDIRECT_PATTERNSβ No - Comma-separated URI patterns for DCROAUTH_ALLOW_DYNAMIC_REGISTRATIONOAUTH_AUTH_CODE_LIFETIME_SECSOAUTH_REFRESH_TOKEN_LIFETIME_SECSOAUTH_REFRESH_TOKEN_REUSE_GRACE_SECSOAUTH_SIGNING_KEY_PRIVATEβ =<base64-encoded PEM>OAUTH_SIGNING_KEY_PUBLICβ =<base64-encoded PEM>PORTRATE_LIMIT_MAX_REQUESTSRATE_LIMIT_WINDOW_MSREDIS_URLβ redis://localhost:6379SESSION_SECRETβ $(openssl rand -hex 32)SESSION_TTL_SECONDS[](https://m8ven.ai/mcp/swamirama-m365-mcp-server-1586q9)