Skip to main content
Glama
firetix

MCP Vulnerability Checker Server

by firetix
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

cve_lookup

Look up detailed CVE vulnerability information from the National Vulnerability Database. Get CVSS scores, descriptions, references, and weakness details to understand security implications.

Instructions

Lookup CVE vulnerability information from the National Vulnerability Database

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
cve_idYesLookup detailed information about a CVE (Common Vulnerabilities and Exposures) from the National Vulnerability Database. Provide a CVE ID in the format CVE-YYYY-NNNN (e.g., CVE-2021-44228 for Log4Shell). Returns comprehensive vulnerability details including CVSS scores, descriptions, references, and associated weaknesses to help engineers understand security implications.

Implementation Reference

  • mcp_simple_tool/tools/cve_lookup.py:16-226 (handler)
    The core handler function that takes a CVE ID, validates it, queries the NVD API, extracts vulnerability details including descriptions, CVSS scores, weaknesses, and references, then returns a formatted markdown TextContent report.
    async def lookup_cve(
    cve_id: str,
) -> List[types.TextContent | types.ImageContent | types.EmbeddedResource]:
    """
    Lookup CVE vulnerability information from the National Vulnerability Database (NVD).
    Provides detailed information about Common Vulnerabilities and Exposures.

    Args:
        cve_id: CVE identifier in format CVE-YYYY-NNNN

    Returns:
        List of content containing CVE information or error messages
    """
    # Clean up CVE ID format
    cve_id = cve_id.upper().strip()
    if not cve_id.startswith("CVE-"):
        cve_id = f"CVE-{cve_id}"

    # Validate CVE ID format (CVE-YYYY-NNNN)
    if not re.match(r"^CVE-\d{4}-\d{4,}$", cve_id):
        return [
            types.TextContent(
                type="text",
                text=f"Error: Invalid CVE ID format. Expected format: CVE-YYYY-NNNN (e.g., CVE-2021-44228). Got: {cve_id}",
            )
        ]

    headers = {"User-Agent": "MCP CVE Lookup Tool v1.0"}

    try:
        timeout = httpx.Timeout(15.0, connect=10.0)
        async with httpx.AsyncClient(
            follow_redirects=True, headers=headers, timeout=timeout
        ) as client:
            # NVD API 2.0 endpoint
            url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId={cve_id}"
            response = await client.get(url)
            response.raise_for_status()

            data = response.json()

            if data.get("totalResults", 0) == 0:
                return [
                    types.TextContent(
                        type="text",
                        text=f"CVE {cve_id} not found in the National Vulnerability Database.",
                    )
                ]

            cve_item = data["vulnerabilities"][0]["cve"]

            # Extract key information
            cve_info = {
                "id": cve_item["id"],
                "published": cve_item.get("published", "Unknown"),
                "lastModified": cve_item.get("lastModified", "Unknown"),
                "descriptions": [],
                "cvss_scores": [],
                "references": [],
                "configurations": [],
                "weaknesses": [],
            }

            # Get descriptions
            for desc in cve_item.get("descriptions", []):
                if desc.get("lang") == "en":
                    cve_info["descriptions"].append(desc.get("value", ""))

            # Get CVSS scores
            metrics = cve_item.get("metrics", {})

            # CVSS 3.1
            if "cvssMetricV31" in metrics:
                for metric in metrics["cvssMetricV31"]:
                    cvss_data = metric.get("cvssData", {})
                    cve_info["cvss_scores"].append(
                        {
                            "version": "3.1",
                            "score": cvss_data.get("baseScore", "N/A"),
                            "severity": cvss_data.get("baseSeverity", "N/A"),
                            "vector": cvss_data.get("vectorString", "N/A"),
                            "source": metric.get("source", "N/A"),
                        }
                    )

            # CVSS 3.0
            if "cvssMetricV30" in metrics:
                for metric in metrics["cvssMetricV30"]:
                    cvss_data = metric.get("cvssData", {})
                    cve_info["cvss_scores"].append(
                        {
                            "version": "3.0",
                            "score": cvss_data.get("baseScore", "N/A"),
                            "severity": cvss_data.get("baseSeverity", "N/A"),
                            "vector": cvss_data.get("vectorString", "N/A"),
                            "source": metric.get("source", "N/A"),
                        }
                    )

            # CVSS 2.0
            if "cvssMetricV2" in metrics:
                for metric in metrics["cvssMetricV2"]:
                    cvss_data = metric.get("cvssData", {})
                    cve_info["cvss_scores"].append(
                        {
                            "version": "2.0",
                            "score": cvss_data.get("baseScore", "N/A"),
                            "severity": cvss_data.get("baseSeverity", "N/A"),
                            "vector": cvss_data.get("vectorString", "N/A"),
                            "source": metric.get("source", "N/A"),
                        }
                    )

            # Get references
            for ref in cve_item.get("references", []):
                cve_info["references"].append(
                    {
                        "url": ref.get("url", ""),
                        "source": ref.get("source", ""),
                        "tags": ref.get("tags", []),
                    }
                )

            # Get weaknesses (CWE)
            for weakness in cve_item.get("weaknesses", []):
                for desc in weakness.get("description", []):
                    if desc.get("lang") == "en":
                        cve_info["weaknesses"].append(desc.get("value", ""))

            # Format the response
            result = f"🔍 **CVE Vulnerability Report: {cve_info['id']}**\n\n"

            # Published/Modified dates
            result += "📅 **Timeline:**\n"
            result += f"   • Published: {cve_info['published']}\n"
            result += f"   • Last Modified: {cve_info['lastModified']}\n\n"

            # Description
            if cve_info["descriptions"]:
                result += "📝 **Description:**\n"
                for desc in cve_info["descriptions"]:
                    result += f"   {desc}\n\n"

            # CVSS Scores
            if cve_info["cvss_scores"]:
                result += "⚠️ **CVSS Scores:**\n"
                for score in cve_info["cvss_scores"]:
                    result += f"   • CVSS {score['version']}: {score['score']} ({score['severity']})\n"
                    result += f"     Vector: {score['vector']}\n"
                    result += f"     Source: {score['source']}\n"
                result += "\n"

            # Weaknesses (CWE)
            if cve_info["weaknesses"]:
                result += "🛡️ **Weaknesses (CWE):**\n"
                for weakness in cve_info["weaknesses"]:
                    result += f"   • {weakness}\n"
                result += "\n"

            # References
            if cve_info["references"]:
                result += "🔗 **References:**\n"
                for ref in cve_info["references"][:10]:  # Limit to first 10 references
                    tags = ", ".join(ref["tags"]) if ref["tags"] else "General"
                    result += f"   • [{ref['source']}] {ref['url']}\n"
                    result += f"     Tags: {tags}\n"

                if len(cve_info["references"]) > 10:
                    result += f"   ... and {len(cve_info['references']) - 10} more references\n"
                result += "\n"

            result += "📊 **Data Source:** National Vulnerability Database (NVD)\n"
            result += f"🌐 **Official CVE URL:** https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve_info['id']}"

            return [types.TextContent(type="text", text=result)]

    except httpx.TimeoutException:
        return [
            types.TextContent(
                type="text",
                text="Error: Request timed out while fetching CVE information from NVD.",
            )
        ]
    except httpx.HTTPStatusError as e:
        if e.response.status_code == 404:
            return [
                types.TextContent(
                    type="text",
                    text=f"CVE {cve_id} not found in the National Vulnerability Database.",
                )
            ]
        return [
            types.TextContent(
                type="text",
                text=f"Error: HTTP {e.response.status_code} error while fetching CVE data.",
            )
        ]
    except json.JSONDecodeError:
        return [
            types.TextContent(
                type="text", text="Error: Invalid JSON response from NVD API."
            )
        ]
    except Exception as e:
        return [
            types.TextContent(
                type="text",
                text=f"Error: Failed to fetch CVE information: {str(e)}",
            )
        ]
  • mcp_simple_tool/server.py:164-176 (schema)
    The JSON schema definition for the cve_lookup tool's input, requiring a 'cve_id' string parameter with detailed usage description.
        name="cve_lookup",
    description="Lookup CVE vulnerability information from the National Vulnerability Database",
    inputSchema={
        "type": "object",
        "required": ["cve_id"],
        "properties": {
            "cve_id": {
                "type": "string",
                "description": cve_description,
            }
        },
    },
),
  • mcp_simple_tool/server.py:90-98 (registration)
    Registration and dispatch logic in the @app.call_tool() handler that routes 'cve_lookup' calls to the lookup_cve function after input validation.
    if name == "cve_lookup":
    if "cve_id" not in arguments:
        return [
            types.TextContent(
                type="text", text="Error: Missing required argument 'cve_id'"
            )
        ]
    return await lookup_cve(arguments["cve_id"])
elif name == "package_vulnerability_check":

Tool Definition Quality

C2.9/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions the data source (National Vulnerability Database) but doesn't cover critical aspects like rate limits, authentication requirements, error handling, or response format. This leaves significant gaps for an AI agent to understand operational constraints.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that directly states the tool's function without unnecessary words. It's front-loaded with the core purpose, making it easy to parse and understand quickly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the lack of annotations and output schema, the description is incomplete. It doesn't explain what the tool returns (e.g., CVSS scores, descriptions) or behavioral traits like rate limits. For a lookup tool with no structured safety or output information, this leaves the AI agent under-informed.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 100%, with the parameter 'cve_id' fully documented in the input schema. The description adds no additional parameter semantics beyond what's already in the schema, so it meets the baseline for adequate but unremarkable coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Lookup') and resource ('CVE vulnerability information from the National Vulnerability Database'), making the tool's purpose immediately understandable. However, it doesn't explicitly differentiate from sibling tools like 'search_vulnerabilities' or 'package_vulnerability_check', which prevents a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives like 'search_vulnerabilities' or 'get_vulnerability_timeline'. It lacks context about prerequisites, such as needing a specific CVE ID format, or exclusions, like not being suitable for batch queries.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/firetix/vulnerability-intelligence-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server