Provides security vulnerability information for Apache products, including detailed reports on vulnerabilities like Log4Shell (CVE-2021-44228).
Integrates with FIRST's Exploit Prediction Scoring System (EPSS) API to provide probability scores for vulnerability exploitation.
Integrates with GitHub security advisories to provide information about available exploits and proof-of-concept code for vulnerabilities.
Enables one-click deployment of the MCP server to Heroku for hosting your own vulnerability intelligence service.
Checks for available exploits in the Metasploit framework as part of the exploit availability assessment tool.
Retrieves package metadata and vulnerability information for Python packages from the Python Package Index, enabling security auditing of dependencies.
Provides comprehensive vulnerability checking for Python packages, including version-specific vulnerability detection and security reporting.
A modular Model Context Protocol (MCP) server providing comprehensive security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
The vulnerability intelligence MCP server is already hosted and ready to use! Simply configure your MCP client to connect to it.
Add this configuration to your Claude Desktop settings file (~/.config/claude/claude_desktop_config.json):
Add this configuration to your Cursor MCP settings file (~/.cursor/mcp.json):
Alternatively, in Cursor IDE:
Open Cursor Settings โ Features โ MCP Servers
Click "Add New Server"
Select "Server-Sent Events (SSE)" as the type
Enter URL: https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse
Give it a name: vulnerability-intelligence
Once configured, try these example queries in Claude or Cursor:
CVE Lookup: "Look up CVE-2021-44228" (Log4Shell vulnerability)
EPSS Score: "Get EPSS score for CVE-2021-44228"
Package Check: "Check the 'requests' Python package for vulnerabilities"
Exploit Check: "Check for exploits for CVE-2021-44228"
CVSS Calculator: "Calculate CVSS score for vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
cve_lookup)Purpose: Fetches detailed vulnerability information from the National Vulnerability Database (NVD)
Data Source: NIST National Vulnerability Database API 2.0
Usage: cve_lookup cve_id="CVE-2021-44228"
Features:
CVSS scores (v2.0, v3.0, v3.1) with severity ratings
Comprehensive vulnerability descriptions
References, advisories, and remediation links
CWE (Common Weakness Enumeration) mappings
Publication and modification timeline
Affected product configurations
get_epss_score)Purpose: Get Exploit Prediction Scoring System (EPSS) scores for CVEs
Data Source: FIRST EPSS API
Usage: get_epss_score cve_id="CVE-2021-44228"
Features:
Probability of exploitation within 30 days
AI-powered risk prioritization
Real-time threat intelligence integration
Percentile rankings for relative risk assessment
calculate_cvss_score)Purpose: Calculate CVSS base scores from vector strings
Data Source: CVSS v3.0/v3.1 specification
Usage: calculate_cvss_score vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
Features:
Support for CVSS v3.0 and v3.1
Detailed metric breakdown
Severity level mapping (Critical, High, Medium, Low)
Vector string validation and parsing
search_vulnerabilities)Purpose: Search vulnerability databases with advanced filtering
Data Source: Multiple vulnerability databases (NVD, CVE)
Usage: search_vulnerabilities keywords="apache" severity="HIGH" date_range="1y"
Features:
Keyword-based search across vulnerability descriptions
Severity filtering (CRITICAL, HIGH, MEDIUM, LOW)
Date range filtering (30d, 90d, 1y, 2y, or custom)
Advanced query capabilities for threat research
get_exploit_availability)Purpose: Check for public exploits and proof-of-concepts (PoCs)
Data Source: ExploitDB, Metasploit, GitHub, security advisories
Usage: get_exploit_availability cve_id="CVE-2021-44228"
Features:
Multi-source exploit detection
Active exploitation indicators
PoC code availability assessment
Threat intelligence aggregation
get_vulnerability_timeline)Purpose: Get comprehensive timeline and patch status information
Data Source: NVD, vendor advisories, security bulletins
Usage: get_vulnerability_timeline cve_id="CVE-2021-44228"
Features:
Publication and disclosure timeline
Patch availability status
Vendor advisory tracking
Remediation guidance timeline
get_vex_status)Purpose: Check Vulnerability Exploitability eXchange (VEX) status for specific products
Data Source: Vendor VEX statements and product security advisories
Usage: get_vex_status cve_id="CVE-2021-44228" product="Apache HTTP Server"
Features:
Product-specific impact assessment
Vendor-provided exploitability statements
False positive filtering
Supply chain impact analysis
package_vulnerability_check)Purpose: Checks Python packages for known security vulnerabilities
Data Source: OSV (Open Source Vulnerabilities) Database + PyPI
Usage: package_vulnerability_check package_name="requests" version="2.25.1"
Features:
Comprehensive vulnerability scanning for PyPI packages
Version-specific or all-versions checking
Detailed vulnerability reports with severity scores
Affected version ranges and fix information
Integration with CVE, GHSA, and PYSEC databases
Package metadata from PyPI
The server is built with a clean, modular architecture:
Initial setup:
Build and run using Docker Compose:
The server will be available at: http://localhost:8000/sse
Connect to Cursor IDE:
Open Cursor Settings โ Features
Add new MCP server
Type: Select "sse"
URL: Enter http://localhost:8000/sse
Install the uv package manager:
Install dependencies and run:
For Cursor IDE integration (stdio mode):
Copy the absolute path to cursor-run-mcp-server.sh
Open Cursor Settings โ Features โ MCP Servers
Add new server with "stdio" type and the script path
Run the comprehensive test suite:
CVE Lookup Test:
Package Vulnerability Test:
Available environment variables (can be set in .env):
MCP_SERVER_PORT (default: 8000) - Port to run the server on
MCP_SERVER_HOST (default: 0.0.0.0) - Host to bind the server to
DEBUG (default: false) - Enable debug mode
MCP_USER_AGENT - Custom User-Agent for HTTP requests
If you want to deploy your own instance of the vulnerability intelligence server, you can use Heroku for quick deployment:
Click "Deploy to Heroku" button
After deployment, your instance will be available at:
https://<your-app-name>.herokuapp.com/sse
Configure your MCP client to use your deployed instance:
For Claude Desktop: Update the FETCH_URL in your configuration
For Cursor IDE: Update the URL in your MCP settings
Test your deployment with the same example queries:
CVE Lookup: "Look up CVE-2021-44228"
EPSS Score: "Get EPSS score for CVE-2021-44228"
Package Check: "Check the 'requests' Python package for vulnerabilities"
Exploit Check: "Check for exploits for CVE-2021-44228"
CVE Data: NIST National Vulnerability Database (NVD API 2.0)
EPSS Scores: FIRST EPSS API (Exploit Prediction Scoring System)
CVSS Calculations: CVSS v3.0/v3.1 specification compliance
Vulnerability Search: Multiple CVE and vulnerability databases
Exploit Intelligence: ExploitDB, Metasploit, GitHub security advisories
Package Vulnerabilities: OSV (Open Source Vulnerabilities)
Package Metadata: PyPI (Python Package Index)
VEX Data: Vendor VEX statements and product security advisories
This MCP server is designed for security engineers, developers, and teams who need:
Quick CVE lookups with comprehensive details
CVSS and EPSS scoring for accurate risk assessment
Advanced vulnerability search across multiple databases
Exploit availability and threat intelligence gathering
Timeline analysis for understanding vulnerability lifecycle
EPSS-based exploitation probability scoring
CVSS vector calculation and validation
VEX status checking for product-specific impact
Multi-factor risk analysis combining multiple data sources
Python package security auditing
Version-specific vulnerability checking
Supply chain security assessment
Open source component risk evaluation
Rapid vulnerability triage and classification
Exploit availability assessment for threat modeling
Security advisory research and correlation
Timeline-based patch management planning
The modular architecture makes it easy to add new security tools:
Create a new module in mcp_simple_tool/tools/
Export the function in tools/__init__.py
Register the tool in server.py
Add tests in tests/
See README_MODULAR.md for detailed extension guide.
MIT License - see LICENSE file for details.
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/firetix/vulnerability-intelligence-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server
