NETCore.MailKit depends on vulnerable version of MimeKit (3.2.0) – Please update to >= 4.7.1

## NETCore.MailKit depends on vulnerable version of MimeKit (3.2.0) – Please update to >= 4.7.1

Hello,

I'm reporting a security issue regarding the current dependency on MimeKit in NETCore.MailKit.

**Issue:**
- The current version of `NETCore.MailKit` depends on `MimeKit` version **3.2.0**, which contains a [high-severity security vulnerability](https://github.com/advisories/GHSA-gmc6-fwg3-75m5).
- This vulnerability affects MimeKit versions from 3.0.0 up to and including 4.7.0.
- The recommended solution is to upgrade to **MimeKit 4.7.1 or higher**, where this vulnerability is fixed.

**References:**
- [GitHub Advisory GHSA-gmc6-fwg3-75m5](https://github.com/advisories/GHSA-gmc6-fwg3-75m5)
- [MimeKit 3.2.0 on NuGet](https://www.nuget.org/packages/MimeKit/3.2.0)

**Impact:**
- Projects depending on `NETCore.MailKit` cannot remediate this vulnerability unless the package is updated.
- Security policies in many organizations require dependencies to be free of known critical vulnerabilities.

**Request:**
- **Please update the dependency on MimeKit to version 4.7.1 or higher.**
- If there are breaking changes, consider releasing a new major version or providing migration notes.

Thank you for your attention to this important security issue.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NETCore.MailKit depends on vulnerable version of MimeKit (3.2.0) – Please update to >= 4.7.1 #32