NVD Database MCP Server
@marcoeg
About NVD Database MCP Server
An MCP server to query the NIST National Vulnerability Database (NVD)
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"mcp-nvd": {
"command": "/path/to/uvx",
"args": [
"mcp-nvd"
],
"env": {
"NVD_API_KEY": "your-api-key"
}
}
}
}Tools
4Retrieves a CVE record by its ID.
Detailed CVE info including scores, weaknesses, and references.
Searches the NVD database by keyword.
List of matching CVEs with total count.
Overview
What is NVD Database MCP Server?
A Model Context Protocol server implementation that queries the NIST National Vulnerability Database (NVD) via its API, providing vulnerability data to MCP-compliant clients like Claude Desktop.
How to use NVD Database MCP Server?
Configure the server in the Claude Desktop config file by providing the path to uvx, the mcp-nvd argument, and your NVD API key as an environment variable. Then use the get_cve tool to retrieve a CVE by ID and the search_cve tool to search by keyword with optional parameters.
Key features of NVD Database MCP Server
- Query specific CVEs by ID with detailed vulnerability data
- Search the NVD database by keyword with customizable results
- Supports both stdio and SSE transport modes
- Compatible with MCP-compliant clients like Claude Desktop
- Offers concise output option for shorter CVE records
- Docker support for containerized deployment
Use cases of NVD Database MCP Server
- Retrieve full vulnerability details for a known CVE during security assessment
- Search for CVEs related to a specific software vendor or product
- Automate vulnerability intelligence gathering within an MCP workflow
- Integrate real-time CVE lookups into security tooling dashboards
FAQ from NVD Database MCP Server
What prerequisites are needed to run this server?
Python 3.10 or higher, a free NVD API key (request at nvd.nist.gov), and the uv package manager.
How do I configure it for Claude Desktop?
Edit the Claude Desktop config file (claude_desktop_config.json) to add mcp-nvd under mcpServers with the command set to your uvx path, args ["mcp-nvd"], and the NVD_API_KEY environment variable.
Does it support Server-Sent Events (SSE) transport?
Yes, it supports SSE transport for real-time communication, and can be run with --transport sse --port 9090.
What tools does the server provide?
Two tools: get_cve (retrieve a CVE by ID) and search_cve (search by keyword with options for exact match, concise output, and result count up to 2000).
Where does the vulnerability data come from?
All data is fetched directly from the NIST National Vulnerability Database (NVD) via its public API.
More Databases MCP servers
Sail MCP Server for Spark SQL
lakehqDrop-in Apache Spark replacement written in Rust, unifying batch processing, stream processing, and compute-intensive AI workloads.

Redis
modelcontextprotocolModel Context Protocol Servers
MongoDB Lens
furey🍃🔎 MongoDB Lens: Full Featured MCP Server for MongoDB Databases
Database Gateway
centralmindUniversal MCP-Server for your Databases optimized for LLMs and AI-Agents.
mcp_mysql_server
wenb1n-devModel Context Protocol (MCP) server that supports secure interaction with MySQL databases and has anomaly analysis capabilities.更加牛逼!更加好用!不仅止于mysql的增删改查功能; 还包含了数据库异常分析能力;且便于开发者们进行个性化的工具扩展
Comments