cve-mcp-server

概述

CVE MCP Server 是一个综合性的安全智能工具集，将 Claude 转变为全方位的安全分析师。它集成了 21 个 API 上的 27 个工具，包括 NVD、EPSS、CISA KEV、MITRE ATT&CK、Shodan、VirusTotal 等。该服务器能够并行查询多个安全源并计算综合风险分数，消除了手动交叉引用的需要。使用 Python 和 FastMCP 框架构建，包含速率限制、响应缓存和 SQLite 存储，确保高效运行，同时通过阻止私有 IP 查询和处理仅出站 HTTPS 流量来维护隐私。

试试问 AI

装完之后，这里有 6 个你可以让 AI 做的事：

• lookup_cve

  Fetch detailed CVE record from NVD including CVSS scores, CWEs, affected products, references, and timeline

  试试:Look up CVE-2024-3400试试:Get details for CVE-2023-44487
• search_cves

  Search NVD for CVEs by keyword, product name, severity, or date range

  试试:Search for CVEs related to Apache Log4j with critical severity试试:Find all high-severity CVEs in 2023
• get_epss_score

  Get EPSS exploitation probability (0–1) and percentile for one or more CVEs

  试试:What's the EPSS score for CVE-2024-3400?试试:Get EPSS scores for these CVEs: CVE-2023-44487, CVE-2023-4966
• check_kev_status

  Check whether a CVE appears in CISA's Known Exploited Vulnerabilities catalog

  试试:Is CVE-2021-44228 in the KEV catalog?试试:Check if CVE-2024-3400 is being actively exploited
• calculate_risk_score

  Compute composite 0–100 risk score using CVSS, EPSS, KEV status, and PoC availability

  试试:Calculate risk score for CVE-2024-3400试试:What's the risk score for CVE-2023-44487?
• generate_risk_report

  Generate a formatted executive security report for one or more CVEs with recommendations

  试试:Generate a risk report for CVE-2024-3400试试:Create an executive report for these CVEs: CVE-2023-44487, CVE-2023-4966
• lookup_ip_reputation

  Check IP address abuse history and confidence score via AbuseIPDB

  试试:Check reputation for IP 185.220.101.34试试:What's the abuse history for 8.8.8.8?
• virustotal_lookup

  Analyze file hashes, URLs, domains, or IPs against 70+ antivirus engines

  试试:Check hash 44d88612fea8a8f36de82e1278abb02f on VirusTotal试试:Analyze https://suspicious-site.com on VirusTotal
• scan_dependencies

  Scan package names and versions against OSV.dev for known vulnerabilities

  试试:Scan these Python packages: requests 2.28.0, flask 2.0.1试试:Check for vulnerabilities in npm package lodash 4.17.21
• search_exploits

  Search GitHub for public proof-of-concept exploits and exploit code repositories

  试试:Find exploits for CVE-2024-3400试试:Search GitHub for proof-of-concept code for CVE-2023-44487
• get_mitre_techniques

  Map a CVE or CWE to relevant MITRE ATT&CK techniques, tactics, and mitigations

  试试:Map CVE-2021-44228 to MITRE ATT&CK techniques试试:What MITRE techniques relate to CWE-79?
• shodan_host_lookup

  Get open ports, services, banners, and vulnerabilities for an IP via Shodan

  试试:Look up host information for 8.8.8.8 on Shodan试试:What ports are open on 1.1.1.1?

可对比工具

安装

# 1. 克隆仓库
git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-server

# 2. 创建并激活虚拟环境
python -m venv venv

# macOS / Linux:
source venv/bin/activate

# Windows (PowerShell):
.\venv\Scripts\Activate.ps1

# 3. 安装依赖
pip install -e .

# 4. 复制并配置环境变量
cp .env.example .env
# 编辑 .env 文件添加您的 API 密钥

{
  "mcpServers": {
    "cve": {
      "command": "python",
      "args": ["-m", "cve_mcp_server"],
      "env": {
        "CVE_MCP_SERVER_API_KEYS": "YOUR_API_KEYS_HERE"
      }
    }
  }
}

FAQ

我需要所有工具的 API 密钥吗？

不需要。大多数工具无需 API 密钥即可使用，但有速率限制。建议生产环境或高频查询使用密钥。

综合风险评分如何工作？

风险评分（0-100）结合了 CVSS 严重性、EPSS 概率、CISA KEV 状态、PoC 可用性等多种因素，标准化为单一指标。

是否存储或记录敏感数据？

服务器使用本地 SQLite 缓存提高性能，但从不记录 API 密钥或敏感数据。所有工具都阻止私有 IP 地址查询。

cve-mcp-server 对比