diff --git a/package.json b/package.json
index fabd50e13..1dd7e3cd5 100644
--- a/package.json
+++ b/package.json
@@ -112,7 +112,7 @@
 "form-data": "^4.0.4",
 "tar": "^7.5.7",
 "jspdf": "^4.1.0",
- "qs": "^6.14.1"
+ "qs": "^6.14.2"
 },
 "engines": {
 "node": ">=22.0.0"
diff --git a/src/components/temp-email/HeroSection.tsx b/src/components/temp-email/HeroSection.tsx
index a36f9303b..49081f8c5 100644
--- a/src/components/temp-email/HeroSection.tsx
+++ b/src/components/temp-email/HeroSection.tsx
@@ -80,11 +80,24 @@ export const HeroSection = ({ textContent }) => {
 const storedEmail = localStorage.getItem(EMAIL_STORAGE_KEY);
 if (storedEmail !== null) {
- const { address, token } = JSON.parse(storedEmail);
- setUser({
- address,
- token,
- });
+ try {
+ const decodedEmail = atob(storedEmail);
+ const { address, token } = JSON.parse(decodedEmail);
+ setUser({
+ address,
+ token,
+ });
+ } catch {
+ try {
+ const { address, token } = JSON.parse(storedEmail);
+ setUser({
+ address,
+ token,
+ });
+ } catch {
+ await getNewEmail();
+ }
+ }
 } else {
 await getNewEmail();
 }
@@ -102,7 +115,7 @@ export const HeroSection = ({ textContent }) => {
 setMessages(undefined);
 localStorage.setItem(SETUP_TIME_STORAGE_KEY, String(TIME_NOW));
- localStorage.setItem(EMAIL_STORAGE_KEY, JSON.stringify(emailData));
+ localStorage.setItem(EMAIL_STORAGE_KEY, btoa(JSON.stringify(emailData)));
 } catch (error) {
 console.error('Failed to initialize new email session:', error);
 }
diff --git a/src/pages/api/temp-mail/get-message.ts b/src/pages/api/temp-mail/get-message.ts
index e2e9a418b..9f581a1b0 100644
--- a/src/pages/api/temp-mail/get-message.ts
+++ b/src/pages/api/temp-mail/get-message.ts
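Review bot: Neither `JSON.parse` branch in the first HeroSection.tsx hunk checks what it parsed before calling `setUser`, so a stored value such as `{}` sets a user whose `address` and `token` are undefined instead of falling through to `getNewEmail()`. Adding `if (typeof address !== 'string' || typeof token !== 'string') throw new Error('invalid stored session');` before each `setUser` call would route malformed entries into the fallbacks that already exist. A comment above the `atob` call should also state that base64 is an encoding, not protection: the mailbox token in localStorage stays readable by any script running on the origin. The enclosing function starts and ends outside the hunk.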
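Review bot: `btoa` throws `InvalidCharacterError` when its input contains a code point above U+00FF, and in the second HeroSection.tsx hunk that would land in the `catch` below, after `SETUP_TIME_STORAGE_KEY` has already been written, leaving the two storage keys out of step. Whether `emailData` can carry such text is not visible here, so this is a caveat to confirm rather than a demonstrated failure. If the base64 form is kept, a comment such as `// base64 only changes the stored format; it does not protect the token` would stop it being read as a security control.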
@@ -10,9 +10,18 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
 if (req.method !== 'GET') return res.status(405).json({ message: 'Method not allowed' });
 const { email, token, messageId } = req.query;
+
+ if (typeof email !== 'string' || typeof token !== 'string' || typeof messageId !== 'string') {
+ return res.status(400).json({ message: 'Invalid parameters' });
+ }
+
 try {
+ const safeEmail = encodeURIComponent(email);
+ const safeToken = encodeURIComponent(token);
+ const safeMessageId = encodeURIComponent(messageId);
+
 const inbox = await axios.get(
- `${CONVERTER_URL}/api/temp-mail/messages/selectedMessage/${email}/${token}/${messageId}`,
+ `${CONVERTER_URL}/api/temp-mail/messages/selectedMessage/${safeEmail}/${safeToken}/${safeMessageId}`,
 );
 return res.status(200).json(inbox.data.messageObj);
diff --git a/src/pages/file-compressor/[filename].tsx b/src/pages/file-compressor/[filename].tsx
index 3648b7eee..afb52297b 100644
--- a/src/pages/file-compressor/[filename].tsx
+++ b/src/pages/file-compressor/[filename].tsx
@@ -1,5 +1,6 @@
 'use client';
+import path from 'path';
 import Layout from '@/components/layout/Layout';
 import Navbar from '@/components/layout/navbars/Navbar';
 import Footer from '@/components/layout/footers/Footer';
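Review bot: `encodeURIComponent` leaves `.` untouched, so in get-message.ts a parameter equal to `.` or `..` still reaches the upstream URL as a dot-segment that the HTTP client or the converter service may normalise away, changing which route is requested; empty strings also pass the `typeof` guard. The guard should reject those values too, e.g. `if ([email, token, messageId].some((v) => v === '' || v === '.' || v === '..')) return res.status(400).json({ message: 'Invalid parameters' });`, or better, match each value against the format the converter service actually issues. The handler's `catch` lies outside the hunk, so how upstream errors are surfaced to the caller cannot be checked from here.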
@@ -55,32 +56,51 @@ const FileConverter = ({
 export async function getServerSideProps(ctx) {
 const lang = ctx.locale;
+ const rawFilename = ctx.params.filename;
- const pathname = ctx.params.filename;
+ if (typeof rawFilename !== 'string') {
+ return {
+ notFound: true,
+ };
+ }
- const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`);
- const navbarLang = require(`@/assets/lang/${lang}/navbar.json`);
- const textContent = require(`@/assets/lang/${lang}/file-compressor/${pathname}.json`);
- const converterText = require(`@/assets/lang/${lang}/file-compressor/converter-card.json`);
- const errorContent = require(`@/assets/lang/${lang}/file-compressor/errorState.json`);
- const footerLang = require(`@/assets/lang/${lang}/footer.json`);
- const toolsContent = require(`@/assets/lang/${lang}/components/tools/ToolSection.json`);
- const bannerLang = require(`@/assets/lang/${lang}/banners.json`);
+ const pathname = path.basename(rawFilename);
- return {
- props: {
- metatagsDescriptions,
- navbarLang,
- textContent,
- converterText,
- errorContent,
- footerLang,
- lang,
- toolsContent,
- pathname,
- bannerLang,
- },
- };
+ if (!/^[a-z0-9-]+$/.test(pathname)) {
+ return {
+ notFound: true,
+ };
+ }
+
+ try {
+ const metatagsDescriptions = require(`@/assets/lang/${lang}/metatags-descriptions.json`);
+ const navbarLang = require(`@/assets/lang/${lang}/navbar.json`);
+ const textContent = require(`@/assets/lang/${lang}/file-compressor/${pathname}.json`);
+ const converterText = require(`@/assets/lang/${lang}/file-compressor/converter-card.json`);
+ const errorContent = require(`@/assets/lang/${lang}/file-compressor/errorState.json`);
+ const footerLang = require(`@/assets/lang/${lang}/footer.json`);
+ const toolsContent = require(`@/assets/lang/${lang}/components/tools/ToolSection.json`);
+ const bannerLang = require(`@/assets/lang/${lang}/banners.json`);
+
+ return {
+ props: {
+ metatagsDescriptions,
+ navbarLang,
+ textContent,
+ converterText,
+ errorContent,
+ footerLang,
+ lang,
+ toolsContent,
+ pathname,
+ bannerLang,
+ },
+ };
+ } catch {
+ return {
+ notFound: true,
+ };
+ }
 }
 export default FileConverter;
diff --git a/src/pages/file-converter/[filename].tsx b/src/pages/file-converter/[filename].tsx
index 2b4dd9999..27580b581 100644
--- a/src/pages/file-converter/[filename].tsx
+++ b/src/pages/file-converter/[filename].tsx
@@ -1,5 +1,6 @@
 'use client';
+import path from 'path';
 import Layout from '@/components/layout/Layout';
 import Navbar from '@/components/layout/navbars/Navbar';
 import Footer from '@/components/layout/footers/Footer';
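Review bot: `path.basename` in the file-compressor `getServerSideProps` rewrites the parameter instead of rejecting it, so if a value containing a separator can reach `ctx.params.filename` it is silently served as its last segment; testing the allowlist on the raw value, `if (!/^[a-z0-9-]+$/.test(rawFilename)) return { notFound: true };`, makes both the `basename` call and the new `path` import unnecessary. The bare `catch` also turns every failure of the `require` calls into a 404 with nothing logged, including a missing shared file such as `navbar.json`; binding the error and calling `console.error` before returning would keep real breakage visible. `lang` is still interpolated into the same paths unchecked, which is safe only while `ctx.locale` is limited to the configured locales. The first two points apply equally to the matching hunk in `src/pages/file-converter/[filename].tsx`, where `textLang` is already constrained to two values.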
@@ -53,29 +54,49 @@ const FileConverter = ({
 export async function getServerSideProps(ctx) {
 const lang = ctx.locale;
 const textLang = lang === 'es' ? lang : 'en';
- const pathname = ctx.params.filename;
+ const rawFilename = ctx.params.filename;
- const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`);
- const navbarLang = require(`@/assets/lang/${textLang}/navbar.json`);
- const textContent = require(`@/assets/lang/${textLang}/file-converter/${pathname}.json`);
- const converterText = require(`@/assets/lang/${textLang}/file-converter/converter-card.json`);
- const errorContent = require(`@/assets/lang/${textLang}/file-converter/errorState.json`);
- const footerLang = require(`@/assets/lang/${textLang}/footer.json`);
- const toolsContent = require(`@/assets/lang/${textLang}/components/tools/ToolSection.json`);
+ if (typeof rawFilename !== 'string') {
+ return {
+ notFound: true,
+ };
+ }
- return {
- props: {
- metatagsDescriptions,
- navbarLang,
- textContent,
- converterText,
- errorContent,
- footerLang,
- lang,
- toolsContent,
- pathname,
- },
- };
+ const pathname = path.basename(rawFilename);
+
+ if (!/^[a-z0-9-]+$/.test(pathname)) {
+ return {
+ notFound: true,
+ };
+ }
+
+ try {
+ const metatagsDescriptions = require(`@/assets/lang/${textLang}/metatags-descriptions.json`);
+ const navbarLang = require(`@/assets/lang/${textLang}/navbar.json`);
+ const textContent = require(`@/assets/lang/${textLang}/file-converter/${pathname}.json`);
+ const converterText = require(`@/assets/lang/${textLang}/file-converter/converter-card.json`);
+ const errorContent = require(`@/assets/lang/${textLang}/file-converter/errorState.json`);
+ const footerLang = require(`@/assets/lang/${textLang}/footer.json`);
+ const toolsContent = require(`@/assets/lang/${textLang}/components/tools/ToolSection.json`);
+
+ return {
+ props: {
+ metatagsDescriptions,
+ navbarLang,
+ textContent,
+ converterText,
+ errorContent,
+ footerLang,
+ lang,
+ toolsContent,
+ pathname,
+ },
+ };
+ } catch {
+ return {
+ notFound: true,
+ };
+ }
 }
 export default FileConverter;
diff --git a/src/pages/sitemap.xml.js b/src/pages/sitemap.xml.js
index 1fc718d99..5d31f91cf 100644
--- a/src/pages/sitemap.xml.js
+++ b/src/pages/sitemap.xml.js
@@ -4,10 +4,7 @@ import path from 'path';
 const Sitemap = () => {};
 export const getServerSideProps = ({ res }) => {
- const baseUrl = {
- development: 'http://localhost:3001',
- production: 'https://internxt.com',
- }[process.env.NODE_ENV];
+ const baseUrl = process.env.NODE_ENV === 'development' ? 'http://localhost:3001' : 'https://internxt.com';
 const pages = {
 index: '1.0',
diff --git a/yarn.lock b/yarn.lock
index 223d255e6..1fad4ab3c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -7533,10 +7533,10 @@ punycode@^2.1.1: resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f" integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA== -qs@6.10.4, qs@^6.14.1: - version "6.14.1" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159" - integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ== +qs@6.10.4, qs@^6.14.2: + version "6.15.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.15.0.tgz#db8fd5d1b1d2d6b5b33adaf87429805f1909e7b3" + integrity sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ== dependencies: side-channel "^1.1.0"