CVE Search MCP Server
Enables searching and analyzing CVEs and vulnerabilities from multiple sources, optimized for PR review scenarios to help developers identify the latest security issues.
A Model Context Protocol (MCP) server for CVE and vulnerability searching, optimized for PR review scenarios. Helps developers and security teams identify the latest CVEs and vulnerabilities — including those that postdate an LLM's training data.
Features
- 8 tools covering CVE lookup, bulk scanning, keyword search, product search, recent CVEs, high-severity alerts, database stats, and detailed CVSS breakdowns
- Multi-source: NVD, GitHub Advisory, OSV, CIRCL — searched concurrently and deduplicated
- Smart normalization: "Node.js", "Spring Boot", "log4j2" all resolve correctly
- Optional auth: `GITHUB_TOKEN` and `NVD_API_KEY` for higher rate limits
- 3 transports: stdio (default), SSE, Streamable HTTP
Installation
Prerequisites
- Python 3.10+
- uv package manager
Install
```bash
cd cve-search
uv sync
```
Development Setup
```bash
uv sync --extra dev
uv run --extra dev pytest
uv run black src/
uv run ruff check src/
```
Configuration
| Env Var | Default | Description |
|---|---|---|
| `GITHUB_TOKEN` | none | GitHub personal access token. Raises GitHub Advisory API rate limit from 60 to 5000 req/hr. |
| `NVD_API_KEY` | none | NVD API key. Raises rate limit from 5 to 50 req/30s. Get one at nvd.nist.gov. |
| `CVE_SEARCH_TIMEOUT` | `20` | HTTP request timeout in seconds. |
| `CVE_SEARCH_MAX_RESULTS` | `100` | Maximum results returned per tool call. |
Running
```bash
# stdio (default — for Claude Desktop/IDE)
uv run python main.py

# SSE
uv run python main.py --transport sse --host 127.0.0.1 --port 8000

# Streamable HTTP (MCP spec 2025-06-18+)
uv run python main.py --transport streamable-http --host 127.0.0.1 --port 8000
```
Claude Desktop Config
```json
{
  "mcpServers": {
    "cve-search": {
      "command": "uv",
      "args": ["--directory", "/path/to/cve-search", "run", "python", "main.py"],
      "env": {
        "GITHUB_TOKEN": "your-token-here",
        "NVD_API_KEY": "your-key-here"
      }
    }
  }
}
```
Tools
| Tool | Description | Speed |
|---|---|---|
| `search_cve_by_id` | Look up a specific CVE by ID (e.g. CVE-2021-44228) | Fast |
| `bulk_cve_lookup` | Look up up to 20 CVE IDs in one call — ideal for scanning PR dependency lists | Fast |
| `search_vulnerabilities_by_product` | Search by vendor/product name (e.g. vendor="apache", product="struts") | Slow (10-15s) |
| `get_recent_cves` | Get CVEs from the last N days | Fast |
| `check_high_severity_cves` | Get CVSS ≥ 7.0 CVEs from the last N days | Fast |
| `search_by_keyword` | Smart multi-source keyword search (NVD + GitHub Advisory + OSV) | Fast |
| `get_vulnerability_stats` | Database stats: total CVE count, last updated timestamp | Fast |
| `cvss_score_lookup` | Detailed CVSS v3/v4 breakdown for a CVE (base score, vector string, per-metric) | Fast |
PR Review Workflow
```
# Scan a list of CVE IDs from a dependency audit
bulk_cve_lookup(["CVE-2021-44228", "CVE-2023-44487", "CVE-2024-12345"])

# Search for vulnerabilities in a technology being introduced
search_by_keyword("spring boot")

# Check high-severity CVEs published this week
check_high_severity_cves(7)

# Get detailed CVSS breakdown for a flagged CVE
cvss_score_lookup("CVE-2021-44228")
```
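For the first step of this workflow, the sketch below pulls CVE IDs out of raw audit text, normalizes and deduplicates them, and splits them into batches that respect the 20-ID limit of `bulk_cve_lookup`. It is an added example, not code from this project; the helper names and the audit text are constructed for illustration, and the actual tool calls would go through your MCP client.

```python
import re

# CVE ID syntax: "CVE-", a 4-digit year, then a sequence number of 4 or more digits.
CVE_RE = re.compile(r"\bCVE-(\d{4})-(\d{4,})\b", re.IGNORECASE)
MAX_IDS_PER_CALL = 20  # per-call limit of bulk_cve_lookup, from the Tools table

# Constructed audit output (not from a real scanner): contains a duplicate,
# a lower-case ID, a GHSA-only finding and a malformed CVE ID.
SAMPLE_AUDIT = """\
log4j-core 2.14.1    CVE-2021-44228       critical
log4j-core 2.14.1    cve-2021-44228       (duplicate, lower case)
example-http2-lib    CVE-2023-44487       high
example-lib 1.0      GHSA-xxxx-xxxx-xxxx  (no CVE ID on this line)
other-lib 0.3        CVE-2024-123         (malformed: sequence too short)
other-lib 0.3        CVE-2024-12345
"""


def extract_cve_ids(text):
    """Return unique, upper-cased CVE IDs in order of first appearance."""
    seen = {}
    for m in CVE_RE.finditer(text):
        seen.setdefault(f"CVE-{m.group(1)}-{m.group(2)}", None)
    return list(seen)


def batch_for_bulk_lookup(ids, size=MAX_IDS_PER_CALL):
    """Split IDs into lists of at most `size`, one list per bulk_cve_lookup call."""
    return [ids[i:i + size] for i in range(0, len(ids), size)]


def plan_bulk_lookups(text):
    """Audit text in, list of per-call ID batches out."""
    return batch_for_bulk_lookup(extract_cve_ids(text))
```

Findings that carry only a GHSA identifier are dropped by this filter, so route those through `search_by_keyword` instead of assuming the dependency is clean.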
Project Structure
```
cve-search/
├── src/mcp_server_cve_search/
│   ├── config.py              # Config from env vars
│   ├── server.py              # FastMCP app + transport dispatch
│   ├── tools/                 # One module per tool group
│   │   ├── cve_lookup.py      # search_cve_by_id, bulk_cve_lookup
│   │   ├── product_search.py
│   │   ├── recent_cves.py     # get_recent_cves, check_high_severity_cves
│   │   ├── keyword_search.py
│   │   ├── stats.py           # get_vulnerability_stats
│   │   └── cvss.py            # cvss_score_lookup
│   ├── sources/               # One client per API
│   │   ├── circl.py           # CIRCL CVE Search
│   │   ├── nvd.py             # NVD/NIST (optional API key)
│   │   ├── github.py          # GitHub Advisory (optional token)
│   │   └── osv.py             # OSV (Google)
│   └── utils/
│       ├── severity.py        # CVSS score helpers
│       ├── normalization.py   # Keyword normalization + tech mappings
│       └── formatting.py      # Summary/alert formatting
├── tests/
├── examples/
├── main.py
├── test_server.py             # Manual live-API integration test
└── pyproject.toml
```
Data Sources
| Source | URL | Notes |
|---|---|---|
| CIRCL CVE Search | cve.circl.lu | Primary source; no auth required |
| NVD (NIST) | nvd.nist.gov | Richest CVSS data; optional API key |
| GitHub Advisory | github.com/advisories | Optional token for higher rate limits |
| OSV (Google) | osv.dev | Open source vulnerability database |
License
MIT License