NVD Database MCP Server
@marcoeg
About NVD Database MCP Server
An MCP server to query the NIST National Vulnerability Database (NVD)
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"mcp-nvd": {
"command": "/path/to/uvx",
"args": [
"mcp-nvd"
],
"env": {
"NVD_API_KEY": "your-api-key"
}
}
}
}Tools
4Retrieves a CVE record by its ID.
Detailed CVE info including scores, weaknesses, and references.
Searches the NVD database by keyword.
List of matching CVEs with total count.
Overview
What is NVD Database MCP Server?
A Model Context Protocol server implementation that queries the NIST National Vulnerability Database (NVD) via its API, providing vulnerability data to MCP-compliant clients like Claude Desktop.
How to use NVD Database MCP Server?
Configure the server in the Claude Desktop config file by providing the path to uvx, the mcp-nvd argument, and your NVD API key as an environment variable. Then use the get_cve tool to retrieve a CVE by ID and the search_cve tool to search by keyword with optional parameters.
Key features of NVD Database MCP Server
- Query specific CVEs by ID with detailed vulnerability data
- Search the NVD database by keyword with customizable results
- Supports both stdio and SSE transport modes
- Compatible with MCP-compliant clients like Claude Desktop
- Offers concise output option for shorter CVE records
- Docker support for containerized deployment
Use cases of NVD Database MCP Server
- Retrieve full vulnerability details for a known CVE during security assessment
- Search for CVEs related to a specific software vendor or product
- Automate vulnerability intelligence gathering within an MCP workflow
- Integrate real-time CVE lookups into security tooling dashboards
FAQ from NVD Database MCP Server
What prerequisites are needed to run this server?
Python 3.10 or higher, a free NVD API key (request at nvd.nist.gov), and the uv package manager.
How do I configure it for Claude Desktop?
Edit the Claude Desktop config file (claude_desktop_config.json) to add mcp-nvd under mcpServers with the command set to your uvx path, args ["mcp-nvd"], and the NVD_API_KEY environment variable.
Does it support Server-Sent Events (SSE) transport?
Yes, it supports SSE transport for real-time communication, and can be run with --transport sse --port 9090.
What tools does the server provide?
Two tools: get_cve (retrieve a CVE by ID) and search_cve (search by keyword with options for exact match, concise output, and result count up to 2000).
Where does the vulnerability data come from?
All data is fetched directly from the NIST National Vulnerability Database (NVD) via its public API.
More Databases MCP servers
mcp-server-qdrant: A Qdrant MCP server
qdrantAn official Qdrant Model Context Protocol (MCP) server implementation
Snowflake MCP Server
isaacwassermanmcp_mysql_server
xwb602625136Model Context Protocol (MCP) server that supports secure interaction with MySQL databases and has anomaly analysis capabilities.更加牛逼!更加好用!不仅止于mysql的增删改查功能; 还包含了数据库异常分析能力;且便于开发者们进行个性化的工具扩展
Multi Database MCP Server
FreePeakA powerful multi-database server implementing the Model Context Protocol (MCP) to provide AI assistants with structured access to databases.
Neon MCP Server
neondatabase-labsMCP server for interacting with Neon Management API and databases
Comments