CVE-MCP-Server

Cyber-Agents-Fleet/CVE-MCP-Server

3.2

If you are the rightful owner of CVE-MCP-Server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The CVE-MCP Server is a Model Context Protocol server designed to integrate AI agents with CVE databases for enhanced threat intelligence and vulnerability assessment.

Tools
4
Resources
0
Prompts
0

šŸ›”ļø CVE-MCP Server

Model Context Protocol Server for CVE Database Integration

A production-ready MCP server that provides AI agents with seamless access to Common Vulnerabilities and Exposures (CVE) databases, enabling automated threat intelligence gathering and vulnerability assessment workflows.

šŸŽÆ Overview

The CVE-MCP server bridges the gap between AI agents and vulnerability databases, providing standardized access to:

  • National Vulnerability Database (NVD)
  • MITRE CVE Database
  • GitHub Security Advisories
  • Exploit Database correlations
  • CVSS scoring and impact analysis

āœØ Features

šŸ” CVE Query Capabilities

  • Search by CVE ID, CVSS score, vendor, product
  • Date range filtering and severity classification
  • Advanced search with multiple criteria
  • Real-time vulnerability feeds

šŸ“Š Threat Intelligence

  • CVSS v3.1/v4.0 scoring integration
  • Exploit availability detection
  • Patch status and remediation guidance
  • Impact assessment and risk scoring

šŸ”— Data Source Integration

  • NVD API v2.0 with rate limiting
  • MITRE CVE JSON feeds
  • GitHub Security Advisory API
  • ExploitDB cross-referencing
  • Custom vulnerability feeds

šŸ¤– AI Agent Integration

  • Structured data output for LLM consumption
  • Context-aware vulnerability summaries
  • Automated risk assessment reports
  • Integration with penetration testing workflows

šŸš€ Quick Start

Prerequisites

# Python 3.9+
python --version

# Install dependencies
pip install -r requirements.txt

Installation

# Clone the repository
git clone https://github.com/Cyber-Agents-Fleet/CVE-MCP.git
cd CVE-MCP

# Install in development mode
pip install -e .

# Configure environment
cp .env.example .env
# Edit .env with your API keys

Basic Usage

# Start the MCP server
python -m cve_mcp.server

# Test with sample queries
python scripts/test_queries.py

šŸ“‹ API Reference

Core MCP Tools

search_cve

Search CVE database with flexible criteria

{
  "name": "search_cve",
  "arguments": {
    "cve_id": "CVE-2024-1234",
    "severity": "HIGH",
    "vendor": "microsoft",
    "product": "windows",
    "limit": 50
  }
}
get_cve_details

Retrieve comprehensive CVE information

{
  "name": "get_cve_details",
  "arguments": {
    "cve_id": "CVE-2024-1234",
    "include_exploits": true,
    "include_references": true
  }
}
vulnerability_feed

Get latest vulnerabilities by criteria

{
  "name": "vulnerability_feed",
  "arguments": {
    "days": 7,
    "severity_min": "MEDIUM",
    "with_exploits": true
  }
}
risk_assessment

Generate AI-friendly risk analysis

{
  "name": "risk_assessment",
  "arguments": {
    "cve_list": ["CVE-2024-1234", "CVE-2024-5678"],
    "environment": "enterprise",
    "include_mitigations": true
  }
}

šŸ—‚ļø Repository Structure

CVE-MCP/
ā”œā”€ā”€ src/
ā”‚   ā””ā”€ā”€ cve_mcp/
ā”‚       ā”œā”€ā”€ __init__.py
ā”‚       ā”œā”€ā”€ server.py              # Main MCP server
ā”‚       ā”œā”€ā”€ handlers/
ā”‚       ā”‚   ā”œā”€ā”€ __init__.py
ā”‚       ā”‚   ā”œā”€ā”€ cve_search.py      # CVE search handlers
ā”‚       ā”‚   ā”œā”€ā”€ nvd_client.py      # NVD API client
ā”‚       ā”‚   ā”œā”€ā”€ mitre_client.py    # MITRE integration
ā”‚       ā”‚   ā””ā”€ā”€ exploit_db.py      # Exploit database
ā”‚       ā”œā”€ā”€ models/
ā”‚       ā”‚   ā”œā”€ā”€ __init__.py
ā”‚       ā”‚   ā”œā”€ā”€ cve.py             # CVE data models
ā”‚       ā”‚   ā””ā”€ā”€ vulnerability.py   # Vulnerability schemas
ā”‚       ā””ā”€ā”€ utils/
ā”‚           ā”œā”€ā”€ __init__.py
ā”‚           ā”œā”€ā”€ cvss.py            # CVSS calculations
ā”‚           ā”œā”€ā”€ cache.py           # Caching utilities
ā”‚           ā””ā”€ā”€ rate_limiter.py    # API rate limiting
ā”œā”€ā”€ tests/
ā”‚   ā”œā”€ā”€ __init__.py
ā”‚   ā”œā”€ā”€ test_server.py
ā”‚   ā”œā”€ā”€ test_handlers.py
ā”‚   ā””ā”€ā”€ fixtures/
ā”œā”€ā”€ scripts/
ā”‚   ā”œā”€ā”€ setup_database.py
ā”‚   ā”œā”€ā”€ test_queries.py
ā”‚   ā””ā”€ā”€ data_sync.py
ā”œā”€ā”€ docs/
ā”‚   ā”œā”€ā”€ API.md
ā”‚   ā”œā”€ā”€ DEPLOYMENT.md
ā”‚   ā”œā”€ā”€ CONFIGURATION.md
ā”‚   ā””ā”€ā”€ EXAMPLES.md
ā”œā”€ā”€ docker/
ā”‚   ā”œā”€ā”€ Dockerfile
ā”‚   ā””ā”€ā”€ docker-compose.yml
ā”œā”€ā”€ .env.example
ā”œā”€ā”€ .gitignore
ā”œā”€ā”€ requirements.txt
ā”œā”€ā”€ setup.py
ā”œā”€ā”€ pyproject.toml
ā””ā”€ā”€ README.md

āš™ļø Configuration

Environment Variables

# API Keys
NVD_API_KEY=your_nvd_api_key
GITHUB_TOKEN=your_github_token

# Database
DATABASE_URL=sqlite:///cve_cache.db
REDIS_URL=redis://localhost:6379

# Rate Limiting
NVD_REQUESTS_PER_SECOND=0.5
GITHUB_REQUESTS_PER_HOUR=5000

# Caching
CACHE_TTL=3600
ENABLE_CACHE=true

Data Sources Configuration

# config/sources.yml
data_sources:
  nvd:
    enabled: true
    api_version: "2.0"
    base_url: "https://services.nvd.nist.gov/rest/json/cves/2.0"
    
  mitre:
    enabled: true
    feed_url: "https://cve.mitre.org/data/downloads/allitems.csv"
    
  github:
    enabled: true
    api_url: "https://api.github.com/advisories"
    
  exploitdb:
    enabled: true
    csv_url: "https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv"

šŸ”§ Development

Setting up Development Environment

# Create virtual environment
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

# Install development dependencies
pip install -r requirements-dev.txt

# Install pre-commit hooks
pre-commit install

# Run tests
pytest tests/ -v

# Run with coverage
pytest --cov=cve_mcp tests/

Running Tests

# Unit tests
pytest tests/unit/

# Integration tests
pytest tests/integration/

# Performance tests
pytest tests/performance/

šŸ³ Docker Deployment

Quick Start with Docker

# Build and run
docker-compose up -d

# View logs
docker-compose logs -f cve-mcp

# Scale for high availability
docker-compose up -d --scale cve-mcp=3

Production Deployment

# Production build
docker build -f docker/Dockerfile.prod -t cve-mcp:prod .

# Deploy with orchestration
kubectl apply -f k8s/

šŸ“š Usage Examples

Integration with AI Agents

from mcp import ClientSession
from cve_mcp.client import CVEMCPClient

# Connect to CVE-MCP server
client = CVEMCPClient("http://localhost:8000")

# Search for recent high-severity CVEs
recent_cves = await client.vulnerability_feed(
    days=30,
    severity_min="HIGH",
    with_exploits=True
)

# Generate risk assessment for AI agent
risk_report = await client.risk_assessment(
    cve_list=[cve["id"] for cve in recent_cves],
    environment="enterprise",
    include_mitigations=True
)

Penetration Testing Workflow

# Find vulnerabilities for specific target
target_cves = await client.search_cve(
    vendor="microsoft",
    product="exchange",
    severity="CRITICAL"
)

# Check for available exploits
exploitable = [
    cve for cve in target_cves 
    if cve.get("exploit_available")
]

šŸ”’ Security Considerations

  • API Key Management: Secure storage of API credentials
  • Rate Limiting: Respect upstream API limits
  • Data Validation: Input sanitization and validation
  • Access Control: Authentication for production deployments
  • Audit Logging: Comprehensive request/response logging

šŸ“„ License

This project is licensed under the MIT License - see the file for details.

šŸ¤ Contributing

Please read for details on our code of conduct and the process for submitting pull requests.

šŸ“ž Support

āš ļø Disclaimer

This tool is designed for authorized security testing and research purposes only. Users are responsible for compliance with applicable laws and regulations.

CVE-MCP Server - Empowering AI Agents with Vulnerability Intelligence

License: MIT Python 3.9+ MCP Compatible