MCP server for analyzing CVEs (Common Vulnerabilities and Exposures)

Glama

Search for:

MCP server for analyzing CVEs (Common Vulnerabilities and Exposures)

View all MCP Servers

Why this server?
This server directly exposes tools to query the NVD/CVE REST API, which is precisely what is needed to analyze CVEs (Common Vulnerabilities and Exposures).
vuln-nist-mcp-server
-
security
-
license
-
quality
This MCP server exposes tools to query the NVD/CVE REST API and return formatted text results suitable for LLM consumption via the MCP protocol. It includes automatic query chunking for large date ranges and parallel processing for improved performance.
Why this server?
This server is explicitly designed for querying the CVE-Search API and provides comprehensive access to browse and retrieve detailed CVE information by CVE-ID.
cve-search_mcp
roadwy
A
security
A
license
A
quality
A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.
Last updated -
6
68
MIT License
Why this server?
This server retrieves CVE details from the NVD API and fetches EPSS scores, providing comprehensive vulnerability information and analysis capabilities.
EPSS MCP Server
jgamblin
-
security
A
license
-
quality
A server that retrieves CVE details from the NVD API and fetches EPSS scores to provide comprehensive vulnerability information, including descriptions, CWEs, CVSS scores, and exploitation likelihood percentiles.
Last updated -
12
MIT License
Why this server?
This server is specifically noted as a wrapper for the NIST National Vulnerability Database (NVD) API, which is the primary source for CVE information.
mcp-nvd
marcoeg
-
security
A
license
-
quality
A Model Context Protocol server implementation to query the NIST National Vulnerability Database (NVD) via its API.
Last updated -
10
MIT License
Why this server?
This server provides security vulnerability intelligence tools including CVE lookup, EPSS scoring, and exploit detection, making it highly relevant for analyzing CVEs.
MCP Vulnerability Checker Server
firetix
A
security
A
license
A
quality
A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
Last updated -
8
9
MIT License
Why this server?
This server retrieves CVE details and accesses CISA's Known Exploited Vulnerabilities catalog, essential for prioritizing and analyzing CVEs based on exploitation likelihood.
Risky Business MCP Server
khizar-anjum
-
security
F
license
-
quality
Enables comprehensive cybersecurity vulnerability assessment by searching GitHub repositories for exploits, querying NIST NVD for CVE details, and accessing CISA's Known Exploited Vulnerabilities catalog. Supports complete vulnerability research workflows from threat intelligence gathering to proof-of-concept discovery.
Last updated -
4
Why this server?
This server is designed for secure development by listing packages' CVEs, affected versions, and fix versions, which is directly applicable to analyzing vulnerabilities within a codebase context.
OSV
EdenYavin
A
security
A
license
A
quality
The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.
Last updated -
4
2
MIT License
Why this server?
This server provides tools explicitly named for checking CVEs and performing vulnerability scanning on software dependencies.
CVE Checker for Node Modules
RobinBreugelmans-S
A
security
F
license
A
quality
Enables checking npm packages for known security vulnerabilities using the OSV API before installation. Supports both single package checks and bulk vulnerability scanning for multiple packages at once.
Last updated -
2
Why this server?
While focused on general security/threat analysis, VirusTotal data is often correlated with CVEs, making this tool useful for gathering intelligence during vulnerability analysis.
VirusTotal MCP Server
emeryray2002
-
security
A
license
-
quality
Provides comprehensive security analysis tools for querying the VirusTotal API, enabling detailed security reports on URLs, files, IP addresses, and domains with automatic relationship data fetching.
Last updated -
3
Apache 2.0
Why this server?
Trivy is a well-known security scanner for vulnerabilities and misconfigurations (including those tied to CVEs), integrating directly into the analysis workflow.
Trivy Security Scanner MCP Server
norbinsh
-
security
A
license
-
quality
Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.
Last updated -
10
MIT License