MCP Catalogs
Homecve-search_mcp screenshot

cve-search_mcp

by roadwy·100·Score 44

An MCP server providing secure access to CVE-Search API for vulnerability information lookup.

securitydeveloper-toolsai-llm
13
Forks
1
Open issues
10 mo ago
Last commit
2d ago
Indexed

Overview

This MCP server serves as a bridge between AI assistants and the CVE-Search API, enabling comprehensive vulnerability database access. It supports querying vendors, products, specific CVE IDs, and recent vulnerabilities with CAPEC, CWE, and CPE expansions. The server implements proper MCP protocol structure, making it compatible with various AI clients like Cline and Roo Code. The code is written in Python using modern dependency management with uv, indicating good development practices.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

you:Security analysts can quickly retrieve vulnerability information by CVE ID during incident response
you:AI assistants can access vendor-specific vulnerability databases to answer security questions
you:DevSecOps teams can integrate vulnerability data into automated security checks
you:What data sources does this MCP server use?
you:Can I get vulnerability information for specific vendors and products?

When to choose this

Choose this server when building security-focused AI assistants or developer tools that need vulnerability data integration.

When NOT to choose this

Don't choose this if you need write access to vulnerability databases or require real-time alerting beyond what the CVE-Search API provides.

Tools this server exposes

6 tools extracted from the README
  • get_vendors

    Get a JSON with all the vendors

  • get_products

    Get a JSON with all the products associated to a vendor

  • get_vulnerabilities

    Get a JSON with all the vulnerabilities per vendor and a specific product

  • get_cve_by_id

    Get a JSON of a specific CVE ID

  • get_last_cves

    Get a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions

  • get_database_info

    Get more information about the current databases in use and when it was updated

Comparable tools

osv-mcpnvd-api-mcpvulncheck-mcpsecurity-tracker

Installation

Installation

  1. Clone the repository:
git clone https://github.com/roadwy/cve-search_mcp.git
cd cve-search_mcp
  1. Install dependencies:
uv sync
  1. Add to your MCP client configuration:
{
  "cve-search_mcp": {
    "command": "uv",
    "args": [
      "--directory",
      "YOUR_CVE_SEARCH_MCP_DIR_PATH",
      "run",
      "main.py"
    ],
    "disabled": false,
    "autoApprove": []
  }
}

For Claude Desktop, add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "cve-search": {
      "command": "uv",
      "args": [
        "--directory",
        "/path/to/cve-search_mcp",
        "run",
        "main.py"
      ]
    }
  }
}

FAQ

What data sources does this MCP server use?
The server queries the CVE-Search API, which provides access to the CVE (Common Vulnerabilities and Exposures) database maintained by MITRE.
Can I get vulnerability information for specific vendors and products?
Yes, the server provides tools to get all vendors, all products associated with a vendor, and vulnerabilities per vendor and product.

Compare cve-search_mcp with

cve-search_mcp vs ultimate_mcp_servercve-search_mcp vs mcp-server-chartcve-search_mcp vs everythingcve-search_mcp vs filesystemcve-search_mcp vs time
GitHub →

Last updated · Auto-generated from public README + GitHub signals.