Cve Search Mcp
A Model Context Protocol (MCP) server for querying the CVE-Search API
Overview
What is CVE-Search MCP?
CVE-Search MCP (Model Context Protocol) is a server designed to connect with the CVE-Search API. It enables users to efficiently query and retrieve information about Common Vulnerabilities and Exposures (CVEs). This tool is especially beneficial for developers, security professionals, and organizations that need to remain informed about vulnerabilities impacting their software and systems.
Features of CVE-Search MCP
- API Integration: Integrates smoothly with the CVE-Search API to provide real-time data on vulnerabilities.
- User-Friendly Interface: Designed for simplicity, making it easy for users to navigate and access information.
- Open Source: As a public repository, users can contribute to its development and customize it to meet their needs.
- Notifications: Users can subscribe to alerts for updates on specific vulnerabilities or changes in the database.
- Forking and Collaboration: Users can fork the repository to create their own versions and collaborate with others in the community.
How to Use CVE-Search MCP
- Installation: Clone the repository from GitHub and follow the installation instructions in the README file.
- Configuration: Set up the necessary configurations to connect to the CVE-Search API.
- Querying: Use the provided endpoints to query specific CVEs, retrieve details, and analyze the data.
- Contributing: If you have improvements or features to add, you can fork the repository, make your changes, and submit a pull request.
Frequently Asked Questions
What is a CVE?
A CVE (Common Vulnerabilities and Exposures) is a publicly disclosed cybersecurity vulnerability. Each CVE is given a unique identifier to aid in sharing and tracking.
How can I contribute to CVE-Search MCP?
You can contribute by forking the repository, making improvements or adding features, and then submitting a pull request for review.
Is CVE-Search MCP free to use?
Yes, CVE-Search MCP is an open-source project, and it is free to use and modify under the MIT license.
Where can I find documentation for CVE-Search MCP?
Documentation is usually found in the repository's README file or in a dedicated docs folder within the repository.
How do I report a bug or issue?
You can report bugs or issues by opening an issue in the GitHub repository, providing as much detail as possible to assist the maintainers in addressing it effectively.
Details
CVE-Search MCP Server
A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.
Requirements
- python 3.10+
- uv
- Cline、Roo Code etc
Tools
- To get a JSON with all the vendors
- To get a JSON with all the products associated to a vendor
- To get a JSON with all the vulnerabilities per vendor and a specific product
- To get a JSON of a specific CVE ID
- To get a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions
- To get more information about the current databases in use and when it was updated
Quick Start
- Git clone this repository
git clone https://github.com/roadwy/cve-search_mcp.git
- Install the dependencies
cd cve-search_mcp
uv sync
3.Add to your mcp client(vscode with cline/roo code) configuration file, modify the "YOU_CVE_SEARCH_MCP_DIR_PATH" as you self dir.
"cve-search_mcp": {
"command": "uv",
"args": [
"--directory",
"YOU_CVE_SEARCH_MCP_DIR_PATH",
"run",
"main.py"
],
"disabled": false,
"autoApprove": []
}
Reference
Server Config
{
"mcpServers": {
"cve-search-mcp": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"ghcr.io/metorial/mcp-container--roadwy--cve-search_mcp--cve-search-mcp",
"python main.py --directory directory"
],
"env": {}
}
}
}
