# CVE MCP Server — Security Intel for Claude

> cve-mcp-server is a security intelligence MCP server; start free with EPSS/KEV/NVD, then add an NVD key to jump from 5 to 50 req/30s.

## Install

Merge the JSON below into your `.mcp.json`:

## Quick Use

1. Install (2 minutes):

```bash
git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-server
python -m venv venv && source venv/bin/activate
pip install -e .
```

2. Add to Claude Code:

```bash
claude mcp add cve-mcp -- python -m cve_mcp.server
claude mcp list
```

## Intro

- **Best for:** teams triaging CVEs who want correlated signals (CVSS, EPSS, KEV, advisories) in one agent workflow
- **Works with:** Python; Claude Desktop/Claude Code via MCP; optional API keys for higher limits and more intel sources
- **Setup time:** 15–40 minutes

## Practical Notes

- Quant: README says adding `NVD_API_KEY` increases NVD rate limit from **5 → 50 requests per 30 seconds**.
- Quant: the MCP inspector example opens at **http://localhost:6274** for interactive tool testing.

## Main

A staged rollout that avoids alert fatigue:

1. Start with **free signals** (EPSS + CISA KEV + baseline NVD) to answer “is this exploited?”.
2. Add `NVD_API_KEY` early for throughput (5→50 req/30s), then add other keys only if you truly need them.
3. Write a triage prompt template that always outputs: affected versions, exploit likelihood, KEV status, and a patch recommendation with deadline.

Keep `.env` out of git and treat threat-intel keys as production secrets.

### FAQ

**Q: Can I start without any API keys?**
A: Yes—README says you can test with free tools first and add keys progressively.

**Q: Why add NVD key first?**
A: It provides a 10× throughput bump: 5→50 requests per 30 seconds.
**Q: How do I validate the server?**
A: Use `claude mcp list` or run the MCP inspector on localhost to test tools interactively.

## Source & Thanks

> Source: https://github.com/mukul975/cve-mcp-server
> License: Apache-2.0
> GitHub stars: 561 · forks: 93

---

Source: https://tokrepo.com/en/workflows/cve-mcp-server-security-intel-for-claude
Author: MCP Hub
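
Step 3 of the staged rollout, sketched as an added example (not code from cve-mcp-server or its README): a function that turns correlated signals into the four fields the triage template must always contain, including the cases where EPSS has no score yet or no fix exists. The deadline tiers, the EPSS cut-off and the `Signals`/`triage` names are assumptions to tune to your own SLA, and the sample record is constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed policy (not from the README): days to patch per signal tier.
KEV_DAYS, HIGH_EPSS_DAYS, CRITICAL_DAYS, DEFAULT_DAYS = 7, 14, 30, 90
HIGH_EPSS = 0.10       # assumed EPSS probability cut-off
CRITICAL_CVSS = 9.0    # CVSS v3 "Critical" band starts at 9.0


@dataclass(frozen=True)
class Signals:
    cve_id: str
    affected_versions: str
    fixed_version: Optional[str]  # None when no patch exists yet
    cvss: Optional[float]
    epss: Optional[float]         # probability 0..1; None if not scored yet
    in_kev: bool


def deadline_days(s: Signals) -> int:
    """KEV listing outranks predicted likelihood, which outranks severity."""
    if s.in_kev:
        return KEV_DAYS
    if s.epss is not None and s.epss >= HIGH_EPSS:
        return HIGH_EPSS_DAYS
    if s.cvss is not None and s.cvss >= CRITICAL_CVSS:
        return CRITICAL_DAYS
    return DEFAULT_DAYS


def triage(s: Signals, today: date) -> dict:
    """Return the four fields the template must always contain."""
    due = today + timedelta(days=deadline_days(s))
    action = (f"upgrade to {s.fixed_version}" if s.fixed_version
              else "no fix available: apply a mitigation and re-check")
    likelihood = "unknown (no EPSS score)" if s.epss is None else f"EPSS {s.epss:.2%}"
    return {
        "cve": s.cve_id,
        "affected_versions": s.affected_versions,
        "exploit_likelihood": likelihood,
        "kev_status": "listed" if s.in_kev else "not listed",
        "patch_recommendation": f"{action} by {due.isoformat()}",
    }


# Constructed sample input, not real CVE data.
SAMPLE = Signals("CVE-0000-0001", "< 2.4.1", "2.4.1", 7.5, 0.02, True)

if __name__ == "__main__":
    print(triage(SAMPLE, date(2025, 1, 1)))
```

A missing EPSS score is reported as unknown rather than treated as low, so a freshly published CVE is not silently deprioritized.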