MCP.so
Sign In

CIRCL CVE SEARCH MCP Server

@Cyreslab-AI

About CIRCL CVE SEARCH MCP Server

MCP server for CIRCL CVE Search API with intelligent risk assessment and comprehensive vulnerability analysis.

Basic information

Category

Developer Tools

License

MIT license

Runtime

node

Transports

stdio

Publisher

Cyreslab-AI

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "circl-cve-search": {
      "command": "npx",
      "args": [
        "@cyreslab/circl-cve-search-mcp-server"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is CIRCL CVE SEARCH MCP Server?

The CIRCL CVE SEARCH MCP Server is a Model Context Protocol (MCP) server for accessing the CIRCL CVE SEARCH API. It provides comprehensive vulnerability and security information, making it suitable for security researchers and developers who need to query CVE, CWE, and CAPEC data programmatically.

How to use CIRCL CVE SEARCH MCP Server?

Install the package via npm and add it to your MCP client configuration using the command npx @cyreslab/circl-cve-search-mcp-server. The server exposes four tools: get_cve, browse_vendor, get_cwe, and get_capec, each with specific parameters for querying vulnerability data.

Key features of CIRCL CVE SEARCH MCP Server

  • Access detailed CVE information by ID.
  • Browse CVEs by vendor name.
  • Retrieve Common Weakness Enumeration (CWE) data.
  • Retrieve Common Attack Pattern Enumeration (CAPEC) data.
  • Automatic retry with exponential backoff for reliability.
  • Structured, readable response formatting.

Use cases of CIRCL CVE SEARCH MCP Server

  • Investigate a specific vulnerability by its CVE ID to understand impact and references.
  • Audit a vendor’s product security by browsing all CVEs associated with that vendor.
  • Classify vulnerabilities by weakness type using CWE data for reporting.
  • Study attack patterns via CAPEC data to improve threat modeling.
  • Integrate real-time CVE lookup into security automation pipelines.

FAQ from CIRCL CVE SEARCH MCP Server

What data sources does the server use?

The server uses the CIRCL CVE SEARCH API, which provides CVE data from the National Vulnerability Database (NVD), as well as CPE, CWE, and CAPEC data.

Does the API require authentication or have rate limits?

The CIRCL CVE SEARCH API is free to use and does not require authentication. Users should use it responsibly to avoid impacting the service.

What error conditions does the server handle?

The server handles invalid CVE/CWE/CAPEC ID formats, empty search queries, API rate limiting, network errors, and invalid parameters with clear, actionable error messages.

What tools are available and what parameters do they accept?

Available tools are get_cve (requires cve_id), browse_vendor (requires vendor, optional limit up to 50), get_cwe (requires cwe_id), and get_capec (requires capec_id).

Comments

More Developer Tools MCP servers