A CVE has been opened against mailcap (see https://github.com/python/cpython/issues/68966 for details). I'm not aware of anyone trying to maintain the module and Victor did a search online and didn't find any use of the module in the top 5000 projects on PyPI (see the issue). The module is also under 300 lines of Python code that only  (https://github.com/python/cpython/blob/main/Lib/mailcap.py), so vendoring wouldn't be burdensome.

As such, I'm proposing we deprecate mailcap in 3.11 and remove it in 3.13. Any explicit objections?