Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 12, 2026·2 min de lecture

CVE MCP Server — Security Intel for Claude

cve-mcp-server is a security intelligence MCP server; start free with EPSS/KEV/NVD, then add an NVD key to jump from 5 to 50 req/30s.

MCP Hub
MCP Hub · Community
Prêt pour agents

Staging sûr pour cet actif

Cet actif est d'abord staged. Le prompt copié demande à l'agent d'inspecter les fichiers staged avant d'activer scripts, config MCP ou config globale.

Stage only · 17/100Policy : staging
Surface agent
Tout agent MCP/CLI
Type
Mcp Config
Installation
Stage only
Confiance
Confiance : Established
Point d'entrée
Asset
Commande de staging sûr
npx -y tokrepo@latest install e2527e64-be66-572b-82a3-191e7bdeef75 --target codex

Stage les fichiers d'abord; l'activation exige la revue du README et du plan staged.

Introduction

cve-mcp-server is a security intelligence MCP server; start free with EPSS/KEV/NVD, then add an NVD key to jump from 5 to 50 req/30s.

  • Best for: teams triaging CVEs who want correlated signals (CVSS, EPSS, KEV, advisories) in one agent workflow
  • Works with: Python; Claude Desktop/Claude Code via MCP; optional API keys for higher limits and more intel sources
  • Setup time: 15–40 minutes

Practical Notes

  • Quant: README says adding NVD_API_KEY increases NVD rate limit from 5 → 50 requests per 30 seconds.
  • Quant: the MCP inspector example opens at http://localhost:6274 for interactive tool testing.

Main

A staged rollout that avoids alert fatigue:

  1. Start with free signals (EPSS + CISA KEV + baseline NVD) to answer “is this exploited?”.
  2. Add NVD_API_KEY early for throughput (5→50 req/30s), then add other keys only if you truly need them.
  3. Write a triage prompt template that always outputs: affected versions, exploit likelihood, KEV status, and a patch recommendation with deadline.

Keep .env out of git and treat threat-intel keys as production secrets.

FAQ

Q: Can I start without any API keys? A: Yes—README says you can test with free tools first and add keys progressively.

Q: Why add NVD key first? A: It provides a 10× throughput bump: 5→50 requests per 30 seconds.

Q: How do I validate the server? A: Use claude mcp list or run the MCP inspector on localhost to test tools interactively.

🙏

Source et remerciements

Source: https://github.com/mukul975/cve-mcp-server > License: Apache-2.0 > GitHub stars: 561 · forks: 93

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires