Cve Search_mcp

Cve Search_mcp

By roadwy GitHub

A Model Context Protocol (MCP) server for querying the CVE-Search API

Overview

What is CVE-Search MCP?

CVE-Search MCP is a Model Context Protocol server designed for querying the CVE-Search API, providing comprehensive access to CVE data including vendor and product information, CVE details by ID, and the latest CVEs.

How to use CVE-Search MCP?

To use CVE-Search MCP, clone the repository from GitHub, install the necessary dependencies, and configure your MCP client to point to the server's directory.

Key features of CVE-Search MCP?

  • Access to a JSON of all vendors and their associated products.
  • Retrieve vulnerabilities for specific vendors and products.
  • Get detailed information for specific CVE IDs.
  • Access the latest 30 CVEs with CAPEC, CWE, and CPE expansions.
  • Information about the current databases in use and their last updated times.

Use cases of CVE-Search MCP?

  1. Security researchers can query vulnerabilities associated with specific products.
  2. Developers can integrate CVE data into their applications for enhanced security.
  3. Organizations can monitor the latest vulnerabilities affecting their software stack.

FAQ from CVE-Search MCP?

  • What programming language is CVE-Search MCP written in?

CVE-Search MCP is written in Python.

  • What are the system requirements?

You need Python 3.10 or higher and additional tools like uv and Cline/Roo Code.

  • Is there a graphical interface for CVE-Search MCP?

No, CVE-Search MCP is a server that interacts with clients via the MCP protocol.

Content

CVE-Search MCP Server

CVE-SEARCH_MCP

A Model Context Protocol (MCP) server for querying the CVE-Search API. This server provides comprehensive access to CVE-Search, browse vendor and product、get CVE per CVE-ID、get the last updated CVEs.

Requirements

  • python 3.10+
  • uv
  • Cline、Roo Code etc

Tools

  • To get a JSON with all the vendors
  • To get a JSON with all the products associated to a vendor
  • To get a JSON with all the vulnerabilities per vendor and a specific product
  • To get a JSON of a specific CVE ID
  • To get a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions
  • To get more information about the current databases in use and when it was updated

Quick Start

  1. Git clone this repository
git clone https://github.com/roadwy/cve-search_mcp.git
  1. Install the dependencies
cd cve-search_mcp
uv sync

3.Add to your mcp client(vscode with cline/roo code) configuration file, modify the "YOU_CVE_SEARCH_MCP_DIR_PATH" as you self dir.

    "cve-search_mcp": {
      "command": "uv",
      "args": [
        "--directory",
        "YOU_CVE_SEARCH_MCP_DIR_PATH",
        "run",
        "main.py"
      ],
      "disabled": false,
      "autoApprove": []
    }

Reference

https://github.com/cve-search/cve-search

No tools information available.
No content found.