Provides security vulnerability information for Apache products, including detailed reports on vulnerabilities like Log4Shell (CVE-2021-44228).
Integrates with FIRST's Exploit Prediction Scoring System (EPSS) API to provide probability scores for vulnerability exploitation.
Integrates with GitHub security advisories to provide information about available exploits and proof-of-concept code for vulnerabilities.
Enables one-click deployment of the MCP server to Heroku for hosting your own vulnerability intelligence service.
Checks for available exploits in the Metasploit framework as part of the exploit availability assessment tool.
Retrieves package metadata and vulnerability information for Python packages from the Python Package Index, enabling security auditing of dependencies.
Provides comprehensive vulnerability checking for Python packages, including version-specific vulnerability detection and security reporting.
MCP Vulnerability Checker Server
A modular Model Context Protocol (MCP) server providing comprehensive security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
Demo
๐ Using the Hosted Server
The vulnerability intelligence MCP server is already hosted and ready to use! Simply configure your MCP client to connect to it.
Claude Desktop Configuration
Add this configuration to your Claude Desktop settings file (~/.config/claude/claude_desktop_config.json
):
Cursor IDE Configuration
Add this configuration to your Cursor MCP settings file (~/.cursor/mcp.json
):
Alternatively, in Cursor IDE:
Open Cursor Settings โ Features โ MCP Servers
Click "Add New Server"
Select "Server-Sent Events (SSE)" as the type
Enter URL:
https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse
Give it a name:
vulnerability-intelligence
Test the Connection
Once configured, try these example queries in Claude or Cursor:
CVE Lookup: "Look up CVE-2021-44228" (Log4Shell vulnerability)
EPSS Score: "Get EPSS score for CVE-2021-44228"
Package Check: "Check the 'requests' Python package for vulnerabilities"
Exploit Check: "Check for exploits for CVE-2021-44228"
CVSS Calculator: "Calculate CVSS score for vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
๐ก๏ธ Available Security Tools
๐ CVE Vulnerability Lookup (cve_lookup
)
Purpose: Fetches detailed vulnerability information from the National Vulnerability Database (NVD)
Data Source: NIST National Vulnerability Database API 2.0
Usage:
cve_lookup cve_id="CVE-2021-44228"
Features:
CVSS scores (v2.0, v3.0, v3.1) with severity ratings
Comprehensive vulnerability descriptions
References, advisories, and remediation links
CWE (Common Weakness Enumeration) mappings
Publication and modification timeline
Affected product configurations
๐ EPSS Score Lookup (get_epss_score
)
Purpose: Get Exploit Prediction Scoring System (EPSS) scores for CVEs
Data Source: FIRST EPSS API
Usage:
get_epss_score cve_id="CVE-2021-44228"
Features:
Probability of exploitation within 30 days
AI-powered risk prioritization
Real-time threat intelligence integration
Percentile rankings for relative risk assessment
๐งฎ CVSS Score Calculator (calculate_cvss_score
)
Purpose: Calculate CVSS base scores from vector strings
Data Source: CVSS v3.0/v3.1 specification
Usage:
calculate_cvss_score vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
Features:
Support for CVSS v3.0 and v3.1
Detailed metric breakdown
Severity level mapping (Critical, High, Medium, Low)
Vector string validation and parsing
๐ Vulnerability Search (search_vulnerabilities
)
Purpose: Search vulnerability databases with advanced filtering
Data Source: Multiple vulnerability databases (NVD, CVE)
Usage:
search_vulnerabilities keywords="apache" severity="HIGH" date_range="1y"
Features:
Keyword-based search across vulnerability descriptions
Severity filtering (CRITICAL, HIGH, MEDIUM, LOW)
Date range filtering (30d, 90d, 1y, 2y, or custom)
Advanced query capabilities for threat research
๐ฏ Exploit Availability Check (get_exploit_availability
)
Purpose: Check for public exploits and proof-of-concepts (PoCs)
Data Source: ExploitDB, Metasploit, GitHub, security advisories
Usage:
get_exploit_availability cve_id="CVE-2021-44228"
Features:
Multi-source exploit detection
Active exploitation indicators
PoC code availability assessment
Threat intelligence aggregation
โฐ Vulnerability Timeline (get_vulnerability_timeline
)
Purpose: Get comprehensive timeline and patch status information
Data Source: NVD, vendor advisories, security bulletins
Usage:
get_vulnerability_timeline cve_id="CVE-2021-44228"
Features:
Publication and disclosure timeline
Patch availability status
Vendor advisory tracking
Remediation guidance timeline
๐ฏ VEX Status Check (get_vex_status
)
Purpose: Check Vulnerability Exploitability eXchange (VEX) status for specific products
Data Source: Vendor VEX statements and product security advisories
Usage:
get_vex_status cve_id="CVE-2021-44228" product="Apache HTTP Server"
Features:
Product-specific impact assessment
Vendor-provided exploitability statements
False positive filtering
Supply chain impact analysis
๐ฆ Python Package Vulnerability Check (package_vulnerability_check
)
Purpose: Checks Python packages for known security vulnerabilities
Data Source: OSV (Open Source Vulnerabilities) Database + PyPI
Usage:
package_vulnerability_check package_name="requests" version="2.25.1"
Features:
Comprehensive vulnerability scanning for PyPI packages
Version-specific or all-versions checking
Detailed vulnerability reports with severity scores
Affected version ranges and fix information
Integration with CVE, GHSA, and PYSEC databases
Package metadata from PyPI
๐๏ธ Modular Architecture
The server is built with a clean, modular architecture:
๐ง Alternative Setup Methods
Docker Setup (Recommended for Local Development)
Initial setup:
Build and run using Docker Compose:
The server will be available at: http://localhost:8000/sse
Connect to Cursor IDE:
Open Cursor Settings โ Features
Add new MCP server
Type: Select "sse"
URL: Enter
http://localhost:8000/sse
Local Development Setup
Install the uv package manager:
Install dependencies and run:
For Cursor IDE integration (stdio mode):
Copy the absolute path to
cursor-run-mcp-server.sh
Open Cursor Settings โ Features โ MCP Servers
Add new server with "stdio" type and the script path
๐งช Testing the Tools
Run the comprehensive test suite:
Example Test Outputs
CVE Lookup Test:
Package Vulnerability Test:
๐ Environment Variables
Available environment variables (can be set in .env
):
MCP_SERVER_PORT
(default: 8000) - Port to run the server onMCP_SERVER_HOST
(default: 0.0.0.0) - Host to bind the server toDEBUG
(default: false) - Enable debug modeMCP_USER_AGENT
- Custom User-Agent for HTTP requests
๐ Deploy Your Own Instance
If you want to deploy your own instance of the vulnerability intelligence server, you can use Heroku for quick deployment:
Quick Deploy to Heroku
Click "Deploy to Heroku" button
After deployment, your instance will be available at:
https://<your-app-name>.herokuapp.com/sse
Configure your MCP client to use your deployed instance:
For Claude Desktop: Update the
FETCH_URL
in your configurationFor Cursor IDE: Update the URL in your MCP settings
Test your deployment with the same example queries:
CVE Lookup: "Look up CVE-2021-44228"
EPSS Score: "Get EPSS score for CVE-2021-44228"
Package Check: "Check the 'requests' Python package for vulnerabilities"
Exploit Check: "Check for exploits for CVE-2021-44228"
๐ Data Sources & APIs
CVE Data: NIST National Vulnerability Database (NVD API 2.0)
EPSS Scores: FIRST EPSS API (Exploit Prediction Scoring System)
CVSS Calculations: CVSS v3.0/v3.1 specification compliance
Vulnerability Search: Multiple CVE and vulnerability databases
Exploit Intelligence: ExploitDB, Metasploit, GitHub security advisories
Package Vulnerabilities: OSV (Open Source Vulnerabilities)
Package Metadata: PyPI (Python Package Index)
VEX Data: Vendor VEX statements and product security advisories
๐ค Security Use Cases
This MCP server is designed for security engineers, developers, and teams who need:
Vulnerability Research & Intelligence
Quick CVE lookups with comprehensive details
CVSS and EPSS scoring for accurate risk assessment
Advanced vulnerability search across multiple databases
Exploit availability and threat intelligence gathering
Timeline analysis for understanding vulnerability lifecycle
Risk Assessment & Prioritization
EPSS-based exploitation probability scoring
CVSS vector calculation and validation
VEX status checking for product-specific impact
Multi-factor risk analysis combining multiple data sources
Dependency Management
Python package security auditing
Version-specific vulnerability checking
Supply chain security assessment
Open source component risk evaluation
Security Operations & Incident Response
Rapid vulnerability triage and classification
Exploit availability assessment for threat modeling
Security advisory research and correlation
Timeline-based patch management planning
๐ Extending the Server
The modular architecture makes it easy to add new security tools:
Create a new module in
mcp_simple_tool/tools/
Export the function in
tools/__init__.py
Register the tool in
server.py
Add tests in
tests/
See README_MODULAR.md for detailed extension guide.
๐ License
MIT License - see LICENSE file for details.
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Tools
A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
- Demo
- ๐ Using the Hosted Server
- ๐ก๏ธ Available Security Tools
- ๐ CVE Vulnerability Lookup (cve_lookup)
- ๐ EPSS Score Lookup (get_epss_score)
- ๐งฎ CVSS Score Calculator (calculate_cvss_score)
- ๐ Vulnerability Search (search_vulnerabilities)
- ๐ฏ Exploit Availability Check (get_exploit_availability)
- โฐ Vulnerability Timeline (get_vulnerability_timeline)
- ๐ฏ VEX Status Check (get_vex_status)
- ๐ฆ Python Package Vulnerability Check (package_vulnerability_check)
- ๐๏ธ Modular Architecture
- ๐ง Alternative Setup Methods
- ๐งช Testing the Tools
- ๐ Environment Variables
- ๐ Deploy Your Own Instance
- ๐ Data Sources & APIs
- ๐ค Security Use Cases
- ๐ Extending the Server
- ๐ License
Related Resources
Related MCP Servers
- -securityAlicense-qualityA Model Context Protocol server that enables AI assistants to search and retrieve information about security exploits and vulnerabilities from the Exploit Database, enhancing cybersecurity research capabilities.Last updated -11MIT License
- AsecurityAlicenseAqualityA Model Context Protocol server designed for testing backend APIs for security vulnerabilities like authentication bypass, injection attacks, and data leakage.Last updated -1411MIT License
- -securityAlicense-qualityA Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.Last updated -1Apache 2.0
- -securityFlicense-qualityA Model Context Protocol server that performs third-party threat intelligence enrichment for various observables (IP addresses, domains, URLs, emails) using services like VirusTotal, Shodan, and AbuseIPDB.Last updated -