MCP.so
Sign In

CVE MCP Server

@xishir

About CVE MCP Server

A Model Context Protocol server providing CVE vulnerability information query capabilities. This server enables LLMs to query detailed information for specific CVE IDs, retrieving data from MITRE's CVE database.

Basic information

Category

Developer Tools

License

MIT license

Runtime

python

Transports

stdio

Publisher

xishir

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "cve-mcp-server": {
      "command": "uvx",
      "args": [
        "cve-mcp-server",
        "sse"
      ]
    }
  }
}

Tools

1

Query vulnerability information by CVE ID

Overview

What is CVE MCP Server?

CVE MCP Server is a Model Context Protocol server that enables LLMs to query detailed vulnerability information for specific CVE IDs. It retrieves data from MITRE's CVE database.

How to use CVE MCP Server?

Install via pip with pip install cve-mcp-server. Configure as stdio (default) using the command uvx cve-mcp-server, or run as an SSE server with uvx cve-mcp-server sse and connect via URL. The server exposes one tool, query_cve, which requires a cve_id string parameter.

Key features of CVE MCP Server

  • Queries vulnerability information by CVE ID.
  • Retrieves data from MITRE’s CVE database.
  • Exposes a single query_cve tool for LLM integration.
  • Supports both stdio and SSE transports.
  • Can be debugged with the MCP inspector.

Use cases of CVE MCP Server

  • An AI assistant answering security questions about a specific CVE.
  • Automating vulnerability lookup in CI/CD or incident response workflows.
  • Enriching LLM‑driven security analysis tools with real CVE data.

FAQ from CVE MCP Server

What tools does CVE MCP Server provide?

It provides one tool, query_cve, which takes a required cve_id parameter (e.g., 'CVE-2021-44228').

How do I install CVE MCP Server?

Install it via pip: pip install cve-mcp-server.

What transports does CVE MCP Server support?

It supports stdio (default) and SSE. For stdio, run uvx cve-mcp-server; for SSE, run uvx cve-mcp-server sse.

Where does CVE MCP Server get vulnerability data?

It retrieves data from MITRE’s CVE database.

Does CVE MCP Server require authentication?

The README does not mention any authentication mechanism.

Comments

More Developer Tools MCP servers