EUVD-MCP

EUVD-MCP

MCP server for the European Union Vulnerability Database (EUVD) maintained by ENISA. Enables searching for vulnerabilities with flexible filters, fetching latest, critical, and exploited vulnerabilities, and looking up specific vulnerabilities and advisories by ID.

Category
Visit Server

README

EUVD-MCP

MCP server for the European Union Vulnerability Database (EUVD) maintained by ENISA.

Features

  • Search vulnerabilities with flexible filters (CVSS, EPSS, dates, product, vendor, exploited status, etc.)
  • Get latest, critical, and exploited vulnerabilities
  • Lookup specific vulnerabilities and advisories by ID
  • Automatic retries with exponential backoff
  • Bounded TTL cache (cachetools.TTLCache) for list endpoints
  • Structured logging (always to stderr — safe for stdio transport)
  • /health liveness endpoint and /metrics observability endpoint (HTTP mode)
  • Startup connectivity check to the EUVD API
  • Two transport modes: HTTP (standalone/Docker) and stdio (subprocess/Claude Desktop)

Requirements

Installation

git clone <repository-url>
cd euvdmcp
poetry install

Copy the example environment file and adjust as needed:

cp .env.template .env

Configuration

All settings are read from environment variables (or a .env file at the project root).

Variable Default Description
TRANSPORT http Transport mode: http or stdio
HOST 127.0.0.1 Server bind address (HTTP mode only)
PORT 8000 Server port (HTTP mode only)
EUVD_BASE_URL https://euvdservices.enisa.europa.eu EUVD API base URL
EUVD_TIMEOUT 30 HTTP request timeout (seconds)
EUVD_MAX_RETRIES 3 Max retries on transient failures
CACHE_TTL 30 TTL for cached list responses (seconds)
CACHE_MAX_SIZE 128 Maximum entries in the response cache
LOG_LEVEL INFO Logging level (DEBUG, INFO, WARNING, ERROR)
USER_AGENT euvd-mcp-tool User-Agent header sent to the EUVD API

Running

uvicorn (recommended)

uvicorn euvd_mcp.main:app --host 127.0.0.1 --port 8000

With live reload during development:

uvicorn euvd_mcp.main:app --host 127.0.0.1 --port 8000 --reload

Poetry

poetry run python -m euvd_mcp.main

Server runs on http://127.0.0.1:8000/mcp by default.

Docker

Build the image:

make docker-build

Run with a .env file (configuration is not baked into the image):

make docker-run        # uses .env automatically

Or docker-compose:

make compose-up        # start
make compose-logs      # tail logs
make compose-down      # stop

stdio (Claude Desktop / subprocess)

TRANSPORT=stdio poetry run python -m euvd_mcp.main

Note: In stdio mode the /health and /metrics endpoints are not available. Logs go to stderr so they do not interfere with the MCP protocol on stdout.

Integrating with LLM Clients

Claude Desktop — HTTP (server running separately)

Add to your Claude Desktop configuration file:

macOS/Linux: ~/Library/Application Support/Claude/claude_desktop_config.json Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "euvd": {
      "url": "http://127.0.0.1:8000/mcp"
    }
  }
}

Claude Desktop — stdio (subprocess)

{
  "mcpServers": {
    "euvd": {
      "command": "poetry",
      "args": ["run", "python", "-m", "euvd_mcp.main"],
      "env": { "TRANSPORT": "stdio" }
    }
  }
}

Claude Desktop — Docker

{
  "mcpServers": {
    "euvd": {
      "command": "docker",
      "args": [
        "run", "--rm", "-p", "8000:8000",
        "--env-file", "/absolute/path/to/.env",
        "euvd-mcp:local"
      ]
    }
  }
}

Example queries

  • "What are the latest critical vulnerabilities?"
  • "Search for exploited vulnerabilities with CVSS score above 8.0"
  • "Get details for vulnerability EUVD-2024-45012"
  • "Find vulnerabilities from Microsoft published in the last 30 days"

Available Tools

Tool Description
get_last_vulnerabilities Latest vulnerabilities (up to 8)
get_exploited_vulnerabilities Latest exploited vulnerabilities
get_critical_vulnerabilities Latest critical vulnerabilities (CVSS ≥ 9.0)
search_vulnerabilities Search with CVSS, EPSS, date, vendor, product, and exploited filters
get_vulnerability_by_id Fetch a single vulnerability by EUVD ID (e.g. EUVD-2024-45012)
get_advisory_by_id Fetch an advisory by its vendor-assigned ID

Observability

Two endpoints are available in HTTP mode:

Endpoint Description
GET /health Liveness probe — returns {"status": "ok", "version": "...", "uptime_seconds": N}
GET /metrics Request counts, per-tool latencies, cache hit/miss ratio, error breakdown

Project Structure

euvdmcp/
├── euvd_mcp/
│   ├── main.py                    # MCP server, tool definitions, health/metrics routes
│   ├── controllers/
│   │   └── euvd_api.py            # Async API client with retry and TTL cache
│   ├── models/
│   │   ├── input_models.py        # Pydantic input validation models
│   │   └── vulnerability.py       # Response data models
│   ├── utils/
│   │   ├── settings.py            # Configuration (pydantic-settings)
│   │   ├── logging_config.py      # Structured logging setup
│   │   └── metrics.py             # In-process metrics collector
│   └── tests/                     # pytest test suite
├── Dockerfile                     # Multi-stage build, non-root user, HEALTHCHECK
├── docker-compose.yml
├── Makefile
└── pyproject.toml

Development

poetry install                 # install all dependencies (incl. dev)
make pre-commit-setup          # install git hooks
make test                      # run tests
make test-cov                  # run tests with coverage report
make lint                      # ruff + mypy
make format                    # auto-format with ruff
make security                  # bandit + pip-audit

CI

Three GitHub Actions workflows run on every PR to main:

  • CI — tests, security scan (bandit + pip-audit), lock-file check, Docker build
  • Code Quality — ruff lint/format, mypy type check, markdown validation
  • Security Scan — Trivy container scan, results uploaded to GitHub Security tab

License

See LICENSE

Author

Duarte Dias

Acknowledgments

  • ENISA — European Union Agency for Cybersecurity
  • FastMCP — MCP framework

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured