diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5c68732..5a26cae 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,7 @@
 ## Unreleased
 
+## 0.12.2-dev - 2026-06-10
+
 ### Security
 
 - **static_map_image_tool**: Stop embedding the Mapbox access token in tool results. Previously the tool returned a `createUIResource({ iframeUrl })` whose URL carried the caller's `?access_token=` query param, leaking the secret token via the MCP-UI resource item. The credentialed URL is now only used server-side to fetch the image, which is returned inline as base64. The tool's `meta.ui.resourceUri` declaration is removed (the iframe path required the credentialed URL to function and cannot be reinstated without leaking). A regression test asserts the access token does not appear in any content item.
diff --git a/manifest.json b/manifest.json
index 6d9fb08..8c28ee7 100644
--- a/manifest.json
+++ b/manifest.json
@@ -2,7 +2,7 @@
   "dxt_version": "0.1",
   "display_name": "Mapbox MCP Server",
   "name": "@mapbox/mcp-server",
-  "version": "0.12.0",
+  "version": "0.12.2-dev",
   "description": "Mapbox MCP server.",
   "author": {
     "name": "Mapbox, Inc."
diff --git a/package-lock.json b/package-lock.json
index eb482ab..5998a69 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@mapbox/mcp-server",
-  "version": "0.12.0",
+  "version": "0.12.2-dev",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@mapbox/mcp-server",
-      "version": "0.12.0",
+      "version": "0.12.2-dev",
       "hasInstallScript": true,
       "license": "MIT",
       "dependencies": {
diff --git a/package.json b/package.json
index af62725..7c67c1b 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@mapbox/mcp-server",
-  "version": "0.12.0",
+  "version": "0.12.2-dev",
   "description": "Mapbox MCP server.",
   "mcpName": "io.github.mapbox/mcp-server",
   "main": "./dist/commonjs/index.js",
diff --git a/server.json b/server.json
index 55ba98b..9f752fb 100644
--- a/server.json
+++ b/server.json
@@ -6,13 +6,13 @@
     "url": "https://github.com/mapbox/mcp-server",
     "source": "github"
   },
-  "version": "0.12.0",
+  "version": "0.12.2-dev",
   "packages": [
     {
       "registryType": "npm",
       "registryBaseUrl": "https://registry.npmjs.org",
       "runtimeHint": "npx",
-      "version": "0.12.0",
+      "version": "0.12.2-dev",
       "identifier": "@mapbox/mcp-server",
       "transport": {
         "type": "stdio"