"Apache Solr" matching MCP tools:

• get_fix_recommendations

  SiteGuardian

  Returns copy-paste-ready fix recommendations (nginx, Apache, DNS, shell) for the issues found on a domain the caller has already paid for — either an active Monitor/Compliance subscription covering the domain, OR a purchased one-off Report for the domain. Each recommendation carries a stable issue_id, a priority (high/medium/low), a title, prose instructions, one or more config snippets with the target domain already interpolated, a verify command, and a category tag. Use this when the user asks how to fix an issue, wants the exact config to apply, or needs to verify a fix worked. Pass the optional issue_id to scope the response to one specific finding. The response is read-only — this tool NEVER triggers a fresh scan; fixes are computed from the most recent stored scan (including the Report-included re-scan if that was used). Do NOT use this for domains the caller hasn't purchased coverage for — you'll get an upgrade_required error that links to the pricing page. Do NOT use this to run or trigger a scan; call scan_domain for anonymous checks. Requires a valid API key.

  Connector

• calculate_risk_score

  ContrastAPI

  Composite CVE risk score (0-100) — fuses CVSS, EPSS, KEV, and PoC into a single agent-ready triage signal. Formula: CVSS*0.20 + EPSS*0.35 + KEV*0.30 + PoC*0.15 (each component rescaled to 0-100 before weighting). Multiplicative boosters applied in order: KEV+PoC combo (*1.15), critical-severity-with-high-EPSS (CVSS>=9 AND EPSS>0.7, *1.10), recently published (within last 7 days, *1.05). Final score clamped to [0, 100]. Label bands: CRITICAL>=90, HIGH>=70, MEDIUM>=40, LOW<40. Urgency text encodes patch SLA (immediate when KEV; 24h/72h/30d by label). Use to triage a single CVE without orchestrating cve_lookup + exploit_lookup separately. PoC signal here is the local ExploitDB mirror only — for full multi-source exploit detail (GitHub Advisory + Shodan refs + ExploitDB), call exploit_lookup separately. Methodology adapted from mukul975/cve-mcp-server (Apache-2.0): https://github.com/mukul975/cve-mcp-server. Free: 30/hr, Pro: 500/hr. Returns {cve_id, score (0-100), label (CRITICAL/HIGH/MEDIUM/LOW), urgency, has_public_poc, components (cvss_v3, epss_score, in_kev, has_public_poc, weighted_breakdown), boosters_applied, recommendation, summary, verdict, next_calls}.

  Connector

• get_logs

  BorealHost

  Retrieve container logs (error, access, or PHP). Requires: API key with read scope. Args: slug: Site identifier log_type: "error" (Nginx/Apache errors), "access" (HTTP request log), or "php" (PHP-FPM errors, WordPress sites only) lines: Number of lines to retrieve (1–500, default: 100) search: Optional keyword filter — only lines containing this string Returns: {"log_type": "error", "lines": ["2024-01-15 ... error ...", ...], "count": 42, "truncated": false} Errors: NOT_FOUND: Unknown slug VALIDATION_ERROR: Invalid log_type or lines out of range

  Connector

• search_vulnerabilities

  Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

  Search the Exploit Intelligence Platform for vulnerabilities (CVEs). Returns a list of matching CVEs with CVSS scores, EPSS exploitation probability, exploit counts, CISA KEV status, VulnCheck KEV, InTheWild.io exploitation signals, and ransomware attribution. Supports full-text search, severity/vendor/product/ecosystem/CWE filters, CVSS/EPSS thresholds, plus any_exploited and ransomware filters. When sort is omitted, the API may automatically prefer newest exploitation, exploit, or nuclei-template activity based on the filters you set. Examples: query='apache httpd' with has_exploits=true; vendor='fortinet' with severity='critical' and is_kev=true sorted by epss_desc; any_exploited=true with ransomware=true for ransomware-linked CVEs; cwe='89' with min_cvss=9 for critical SQL injection CVEs.

  Connector

• search_exploits

  Exploit Intelligence Platform — CVE, Vulnerability and Exploit Database

  Browse and filter exploits using STRUCTURED FILTERS ONLY (no free-text query). Use this to filter by source (github, metasploit, exploitdb, nomisec, gitlab, inthewild, vulncheck_xdb, patchapalooza), language (python, ruby, etc.), LLM classification (working_poc, trojan, suspicious, scanner, stub, writeup, tool, no_code), author, min stars, code availability, CVE ID, vendor, or product. Also filter by AI analysis: attack_type (RCE, SQLi, XSS, DoS, LPE, auth_bypass, info_leak), complexity (trivial/simple/moderate/complex), reliability (reliable/unreliable/untested/theoretical), requires_auth. NOTE: To search by product name (e.g. 'OpenSSH', 'Apache'), use search_vulnerabilities instead — it has free-text query and get_vulnerability already includes exploits in the response. Examples: source='metasploit' for all Metasploit modules; attack_type='RCE' with reliability='reliable' for weaponizable RCE exploits; cve='CVE-2024-3400' for all exploits targeting a specific CVE; vendor='mitel' for all Mitel exploits.

  Connector

• get_license

  Spdx License

  Get metadata + descriptors for one SPDX license id (e.g. "MIT", "Apache-2.0", "GPL-3.0-or-later").

  Connector

• get_osv_advisory_by_id

  TensorFeed

  Look up a single OSV.dev advisory by ID. Accepts GHSA / CVE / PYSEC / RUSTSEC / GO / OSV / DSA / ALPINE / DEBIAN / UBUNTU and other documented identifier prefixes. License: Apache 2.0.

  Connector

• list_detection_catalog

  Tenzro Ledger MCP

  Browse the curated ONNX detection catalog: RF-DETR (nano/small/medium/base/large/2xl) — first real-time detector >60 AP on COCO (ICLR 2026); D-FINE (n/s/m/l/x). All Apache-2.0.

  Connector

• cve_search_by_vendor

  livedatalink

  Search CVEs by vendor with optional product and date range filters. Vendor is matched against the NVD CPE namespace, e.g. 'apache', 'microsoft'.

  Connector

• get_osv_advisory_for_package

  TensorFeed

  Cross-ecosystem vulnerability advisory lookup via OSV.dev. Given an ecosystem (PyPI, npm, Go, crates.io, Maven, NuGet, RubyGems, Packagist, etc) and a package name (optional version), returns advisories affecting that package. License: Apache 2.0.

  Connector

• search

  Hal Fr

  Solr-style search across HAL.

  Connector

• search_terms

  VirtualFlyBrain

  Search for VFB terms using the Solr search server. Results can be filtered, excluded, or boosted by entity type using facets_annotation values. Available filter types: entity, anatomy, nervous_system, individual, has_image, adult, cell, neuron, vfb, has_neuron_connectivity, nblast, visual_system, cholinergic, class, secondary_neuron, expression_pattern, gabaergic, expression_pattern_fragment, glutamatergic, feature, sensory_neuron, neuronbridge, deprecated, larva, has_region_connectivity, nblastexp, gene, primary_neuron, flycircuit, mechanosensory_system, histaminergic, lineage_mbp, peptidergic, hasscrnaseq, chemosensory_system, split, has_subclass, olfactory_system, dopaminergic, fafb, l1em, pub, enzyme, motor_neuron, cluster, lineage_6, lineage_3, serotonergic, lineage_19, lineage_cm3, lineage_dm6, proprioceptive_system, gustatory_system, sense_organ, lineage_mbp4, lineage_mbp1, lineage_1, lineage_mbp2, lineage_all1, lineage_balc, lineage_cm4, lineage_dm4, muscle, lineage_13, lineage_8, lineage_mbp3, lineage_12, lineage_dm1, lineage_dpmm1, lineage_9, lineage_cp2, lineage_dl1, fanc, lineage_7, lineage_vpnd2, lineage_dm3, lineage_dpmpm2, lineage_14, lineage_4, lineage_blp1, lineage_dalv2, lineage_eba1, lineage_dm2, lineage_dpmpm1, auditory_system, lineage_16, lineage_blvp1, lineage_blav2, lineage_vlpl2, lineage_alad1, lineage_bamv3, lineage_bld6, lineage_vpnd1, synaptic_neuropil, lineage_23, lineage_17, lineage_10, lineage_dplpv, lineage_21, lineage_alv1 Multiple filter_types are ANDed (results must match ALL). Multiple exclude_types are ORed (any match excludes). boost_types soft-rank matching results higher without excluding others.

  Connector

• search

  Orcid

  Expanded search (Solr-style query) across the ORCID Registry.

  Connector

• search

  Plos

  Solr search across all PLOS journals.

  Connector

• cve_security_lookup

  mcp-knowledge

  Look up CVE vulnerability data for enterprise security teams, DevSecOps and SOC analysts. Supports two modes: exact CVE ID lookup (e.g. 'CVE-2024-3094') or keyword search by product/vendor (e.g. 'openssl', 'Apache Tomcat'). Cross-references four authoritative keyless sources: NVD NIST (official CVE database, CVSS v3 scores, affected CPEs), CISA KEV (Known Exploited Vulnerabilities catalog — exploit_in_wild flag), EPSS FIRST (exploit probability 0-1), GitHub Security Advisories (ecosystem-specific: npm/pypi/maven). Returns structured vulnerability records with CVSS v3 scores, affected product version ranges, CWE weakness classification, references and exploitation status. Signals engine produces P0/P1/P2 alerts: P0=CVSS>=9 + active exploitation, P1=CVSS>=7 or EPSS>=70%, P2=CWE pattern clusters. Relevant for EU NIS2 and DORA supply chain risk obligations. Optional env: NVD_API_KEY (raises NVD rate-limit 5→50 req/30s), GITHUB_TOKEN (raises GHSA GraphQL rate-limit). Cache TTL 6h. SLA <=25s p95.

  Connector