CIRCL CVE SEARCH MCP Server
@Cyreslab-AI
CIRCL CVE SEARCH MCP Server について
MCP server for CIRCL CVE Search API with intelligent risk assessment and comprehensive vulnerability analysis.
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"circl-cve-search": {
"command": "npx",
"args": [
"@cyreslab/circl-cve-search-mcp-server"
]
}
}
}ツール
ツールは検出されませんでした
ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。
概要
What is CIRCL CVE SEARCH MCP Server?
The CIRCL CVE SEARCH MCP Server is a Model Context Protocol (MCP) server for accessing the CIRCL CVE SEARCH API. It provides comprehensive vulnerability and security information, making it suitable for security researchers and developers who need to query CVE, CWE, and CAPEC data programmatically.
How to use CIRCL CVE SEARCH MCP Server?
Install the package via npm and add it to your MCP client configuration using the command npx @cyreslab/circl-cve-search-mcp-server. The server exposes four tools: get_cve, browse_vendor, get_cwe, and get_capec, each with specific parameters for querying vulnerability data.
Key features of CIRCL CVE SEARCH MCP Server
- Access detailed CVE information by ID.
- Browse CVEs by vendor name.
- Retrieve Common Weakness Enumeration (CWE) data.
- Retrieve Common Attack Pattern Enumeration (CAPEC) data.
- Automatic retry with exponential backoff for reliability.
- Structured, readable response formatting.
Use cases of CIRCL CVE SEARCH MCP Server
- Investigate a specific vulnerability by its CVE ID to understand impact and references.
- Audit a vendor’s product security by browsing all CVEs associated with that vendor.
- Classify vulnerabilities by weakness type using CWE data for reporting.
- Study attack patterns via CAPEC data to improve threat modeling.
- Integrate real-time CVE lookup into security automation pipelines.
FAQ from CIRCL CVE SEARCH MCP Server
What data sources does the server use?
The server uses the CIRCL CVE SEARCH API, which provides CVE data from the National Vulnerability Database (NVD), as well as CPE, CWE, and CAPEC data.
Does the API require authentication or have rate limits?
The CIRCL CVE SEARCH API is free to use and does not require authentication. Users should use it responsibly to avoid impacting the service.
What error conditions does the server handle?
The server handles invalid CVE/CWE/CAPEC ID formats, empty search queries, API rate limiting, network errors, and invalid parameters with clear, actionable error messages.
What tools are available and what parameters do they accept?
Available tools are get_cve (requires cve_id), browse_vendor (requires vendor, optional limit up to 50), get_cwe (requires cwe_id), and get_capec (requires capec_id).
「開発者ツール」の他のコンテンツ
Grafana MCP server
grafanaMCP server for Grafana
MCP Inspector
modelcontextprotocolVisual testing tool for MCP servers
Burp Suite MCP Server Extension
PortSwiggerMCP Server for Burp
🔐 ssh-mcp-server
classfang基于 SSH 的 MCP 服务 🧙♀️。已被MCP官方收录 🎉。 SSH MCP Server 🧙♀️. It has been included in the community MCP repository 🎉.
Smithery CLI
smithery-aiInstall, manage and develop MCP servers and skills for agents
コメント