MCP server for analyzing CVEs (Common Vulnerabilities and Exposures)

Search for:

MCP server for analyzing CVEs (Common Vulnerabilities and Exposures)

View all MCP Servers

Why this server?
This server is explicitly designed for querying the CVE-Search API and provides comprehensive access to browse and retrieve detailed CVE information by CVE-ID.
cve-search_mcp
Security Open Data Search
roadwy
A
license
B
quality
C
maintenance
A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.
Last updated 2025-07-26
6
98
MIT
Why this server?
This server retrieves CVE details from the NVD API and fetches EPSS scores, providing comprehensive vulnerability information and analysis capabilities.
EPSS MCP Server
Security Databases Hybrid
jgamblin
A
license
-
quality
C
maintenance
A server that retrieves CVE details from the NVD API and fetches EPSS scores to provide comprehensive vulnerability information, including descriptions, CWEs, CVSS scores, and exploitation likelihood percentiles.
Last updated 2025-05-22
13
MIT
Why this server?
This server is specifically noted as a wrapper for the NIST National Vulnerability Database (NVD) API, which is the primary source for CVE information.
mcp-nvd
Security Databases Remote
marcoeg
A
license
B
quality
C
maintenance
A Model Context Protocol server implementation to query the NIST National Vulnerability Database (NVD) via its API.
Last updated 2025-03-24
2
14
MIT
Why this server?
This server provides security vulnerability intelligence tools including CVE lookup, EPSS scoring, and exploit detection, making it highly relevant for analyzing CVEs.
MCP Vulnerability Checker
Security Testing & QA Tools Remote
firetix
A
license
A
quality
C
maintenance
A Model Context Protocol server providing security vulnerability intelligence tools including CVE lookup, EPSS scoring, CVSS calculation, exploit detection, and Python package vulnerability checking.
Last updated 2025-05-23
8
9
MIT
Why this server?
This server retrieves CVE details and accesses CISA's Known Exploited Vulnerabilities catalog, essential for prioritizing and analyzing CVEs based on exploitation likelihood.
Risky Business MCP Server
Security Penetration Testing Databases
khizar-anjum
F
license
-
quality
C
maintenance
Enables comprehensive cybersecurity vulnerability assessment by searching GitHub repositories for exploits, querying NIST NVD for CVE details, and accessing CISA's Known Exploited Vulnerabilities catalog. Supports complete vulnerability research workflows from threat intelligence gathering to proof-of-concept discovery.
Last updated 2025-08-17
4
Why this server?
This server is designed for secure development by listing packages' CVEs, affected versions, and fix versions, which is directly applicable to analyzing vulnerabilities within a codebase context.
OSV
Developer Tools Testing & QA Tools Security
EdenYavin
A
license
A
quality
C
maintenance
The server can be utilized for secure development by listing all packages' CVEs, their affected versions and their fix versions.
Last updated 2025-04-23
4
2
MIT
Why this server?
This server provides tools explicitly named for checking CVEs and performing vulnerability scanning on software dependencies.
CVE Checker for Node Modules
Developer Tools Security Testing & QA Tools
RobinBreugelmans-S
F
license
B
quality
C
maintenance
Enables checking npm packages for known security vulnerabilities using the OSV API before installation. Supports both single package checks and bulk vulnerability scanning for multiple packages at once.
Last updated 2025-10-24
2
Why this server?
While focused on general security/threat analysis, VirusTotal data is often correlated with CVEs, making this tool useful for gathering intelligence during vulnerability analysis.
VirusTotal MCP Server
Security Monitoring Autonomous Agents
emeryray2002
A
license
-
quality
C
maintenance
Provides comprehensive security analysis tools for querying the VirusTotal API, enabling detailed security reports on URLs, files, IP addresses, and domains with automatic relationship data fetching.
Last updated 2025-03-30
2
Apache 2.0
Why this server?
Trivy is a well-known security scanner for vulnerabilities and misconfigurations (including those tied to CVEs), integrating directly into the analysis workflow.
Trivy Security Scanner MCP
Testing & QA Tools Security Developer Tools
norbinsh
A
license
-
quality
C
maintenance
Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.
Last updated 2025-02-18
10