Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 12, 2026·2 min de lecture

CVE MCP Server — Security Intel for Claude

cve-mcp-server is a security intelligence MCP server; start free with EPSS/KEV/NVD, then add an NVD key to jump from 5 to 50 req/30s.

MCP Hub
MCP Hub · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Needs Confirmation · 62/100Policy : confirmer
Surface agent
Tout agent MCP/CLI
Type
Mcp
Installation
Manual
Confiance
Confiance : Established
Point d'entrée
python -m cve_mcp.server
Commande CLI universelle
npx tokrepo install e2527e64-be66-572b-82a3-191e7bdeef75
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

cve-mcp-server is a security intelligence MCP server; start free with EPSS/KEV/NVD, then add an NVD key to jump from 5 to 50 req/30s.

  • Best for: teams triaging CVEs who want correlated signals (CVSS, EPSS, KEV, advisories) in one agent workflow
  • Works with: Python; Claude Desktop/Claude Code via MCP; optional API keys for higher limits and more intel sources
  • Setup time: 15–40 minutes

Practical Notes

  • Quant: README says adding NVD_API_KEY increases NVD rate limit from 5 → 50 requests per 30 seconds.
  • Quant: the MCP inspector example opens at http://localhost:6274 for interactive tool testing.

Main

A staged rollout that avoids alert fatigue:

  1. Start with free signals (EPSS + CISA KEV + baseline NVD) to answer “is this exploited?”.
  2. Add NVD_API_KEY early for throughput (5→50 req/30s), then add other keys only if you truly need them.
  3. Write a triage prompt template that always outputs: affected versions, exploit likelihood, KEV status, and a patch recommendation with deadline.

Keep .env out of git and treat threat-intel keys as production secrets.

FAQ

Q: Can I start without any API keys? A: Yes—README says you can test with free tools first and add keys progressively.

Q: Why add NVD key first? A: It provides a 10× throughput bump: 5→50 requests per 30 seconds.

Q: How do I validate the server? A: Use claude mcp list or run the MCP inspector on localhost to test tools interactively.

🙏

Source et remerciements

Source: https://github.com/mukul975/cve-mcp-server > License: Apache-2.0 > GitHub stars: 561 · forks: 93

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

pentest-ai — Offensive Security MCP for Claude Code

pentest-ai is a Python CLI and MCP server that lets Claude Code run verified probes, chain attack paths, and export reports for authorized testing.

MCP Configs
MCP Hub

Awesome OSINT MCP Servers — Security Tools Directory

Curated OSINT MCP server directory (threat intel, recon, censorship). Discover endpoints and install via npx or remote HTTP transports.

MCP Configs
MCP Hub

MCP SSH Manager — Remote Ops via Claude/Codex

MCP SSH Manager is an MCP server that lets Claude Code and OpenAI Codex manage SSH sessions: run commands, sync files, and automate DevOps routines.

MCP Configs
MCP Hub

mcp-server-kubernetes — Kubernetes Ops via MCP

MCP server that lets agents run kubectl/Helm workflows against your clusters; works with Claude Code via npx; verified 1390★, pushed 2026-05-03.

MCP Configs
MCP Hub
Accueil🔍Rechercher👤Moi