MCP.so
ログイン

CIRCL CVE SEARCH MCP Server

@Cyreslab-AI

CIRCL CVE SEARCH MCP Server について

MCP server for CIRCL CVE Search API with intelligent risk assessment and comprehensive vulnerability analysis.

基本情報

カテゴリ

開発者ツール

ライセンス

MIT license

ランタイム

node

トランスポート

stdio

公開者

Cyreslab-AI

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "circl-cve-search": {
      "command": "npx",
      "args": [
        "@cyreslab/circl-cve-search-mcp-server"
      ]
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is CIRCL CVE SEARCH MCP Server?

The CIRCL CVE SEARCH MCP Server is a Model Context Protocol (MCP) server for accessing the CIRCL CVE SEARCH API. It provides comprehensive vulnerability and security information, making it suitable for security researchers and developers who need to query CVE, CWE, and CAPEC data programmatically.

How to use CIRCL CVE SEARCH MCP Server?

Install the package via npm and add it to your MCP client configuration using the command npx @cyreslab/circl-cve-search-mcp-server. The server exposes four tools: get_cve, browse_vendor, get_cwe, and get_capec, each with specific parameters for querying vulnerability data.

Key features of CIRCL CVE SEARCH MCP Server

  • Access detailed CVE information by ID.
  • Browse CVEs by vendor name.
  • Retrieve Common Weakness Enumeration (CWE) data.
  • Retrieve Common Attack Pattern Enumeration (CAPEC) data.
  • Automatic retry with exponential backoff for reliability.
  • Structured, readable response formatting.

Use cases of CIRCL CVE SEARCH MCP Server

  • Investigate a specific vulnerability by its CVE ID to understand impact and references.
  • Audit a vendor’s product security by browsing all CVEs associated with that vendor.
  • Classify vulnerabilities by weakness type using CWE data for reporting.
  • Study attack patterns via CAPEC data to improve threat modeling.
  • Integrate real-time CVE lookup into security automation pipelines.

FAQ from CIRCL CVE SEARCH MCP Server

What data sources does the server use?

The server uses the CIRCL CVE SEARCH API, which provides CVE data from the National Vulnerability Database (NVD), as well as CPE, CWE, and CAPEC data.

Does the API require authentication or have rate limits?

The CIRCL CVE SEARCH API is free to use and does not require authentication. Users should use it responsibly to avoid impacting the service.

What error conditions does the server handle?

The server handles invalid CVE/CWE/CAPEC ID formats, empty search queries, API rate limiting, network errors, and invalid parameters with clear, actionable error messages.

What tools are available and what parameters do they accept?

Available tools are get_cve (requires cve_id), browse_vendor (requires vendor, optional limit up to 50), get_cwe (requires cwe_id), and get_capec (requires capec_id).

コメント

「開発者ツール」の他のコンテンツ