CVE-MCP-Server

Cyber-Agents-Fleet/CVE-MCP-Server

3.1

If you are the rightful owner of CVE-MCP-Server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

The CVE-MCP Server is a Model Context Protocol server designed to integrate AI agents with CVE databases for enhanced threat intelligence and vulnerability assessment.

Tools
4
Resources
0
Prompts
0

🛡️ CVE-MCP Server

Model Context Protocol Server for CVE Database Integration

A production-ready MCP server that provides AI agents with seamless access to Common Vulnerabilities and Exposures (CVE) databases, enabling automated threat intelligence gathering and vulnerability assessment workflows.

🎯 Overview

The CVE-MCP server bridges the gap between AI agents and vulnerability databases, providing standardized access to:

  • National Vulnerability Database (NVD)
  • MITRE CVE Database
  • GitHub Security Advisories
  • Exploit Database correlations
  • CVSS scoring and impact analysis

✨ Features

🔍 CVE Query Capabilities

  • Search by CVE ID, CVSS score, vendor, product
  • Date range filtering and severity classification
  • Advanced search with multiple criteria
  • Real-time vulnerability feeds

📊 Threat Intelligence

  • CVSS v3.1/v4.0 scoring integration
  • Exploit availability detection
  • Patch status and remediation guidance
  • Impact assessment and risk scoring

🔗 Data Source Integration

  • NVD API v2.0 with rate limiting
  • MITRE CVE JSON feeds
  • GitHub Security Advisory API
  • ExploitDB cross-referencing
  • Custom vulnerability feeds

🤖 AI Agent Integration

  • Structured data output for LLM consumption
  • Context-aware vulnerability summaries
  • Automated risk assessment reports
  • Integration with penetration testing workflows

🚀 Quick Start

Prerequisites

# Python 3.9+
python --version

# Install dependencies
pip install -r requirements.txt

Installation

# Clone the repository
git clone https://github.com/Cyber-Agents-Fleet/CVE-MCP.git
cd CVE-MCP

# Install in development mode
pip install -e .

# Configure environment
cp .env.example .env
# Edit .env with your API keys

Basic Usage

# Start the MCP server
python -m cve_mcp.server

# Test with sample queries
python scripts/test_queries.py

📋 API Reference

Core MCP Tools

search_cve

Search CVE database with flexible criteria

{
  "name": "search_cve",
  "arguments": {
    "cve_id": "CVE-2024-1234",
    "severity": "HIGH",
    "vendor": "microsoft",
    "product": "windows",
    "limit": 50
  }
}
get_cve_details

Retrieve comprehensive CVE information

{
  "name": "get_cve_details",
  "arguments": {
    "cve_id": "CVE-2024-1234",
    "include_exploits": true,
    "include_references": true
  }
}
vulnerability_feed

Get latest vulnerabilities by criteria

{
  "name": "vulnerability_feed",
  "arguments": {
    "days": 7,
    "severity_min": "MEDIUM",
    "with_exploits": true
  }
}
risk_assessment

Generate AI-friendly risk analysis

{
  "name": "risk_assessment",
  "arguments": {
    "cve_list": ["CVE-2024-1234", "CVE-2024-5678"],
    "environment": "enterprise",
    "include_mitigations": true
  }
}

🗂️ Repository Structure

CVE-MCP/
├── src/
│   └── cve_mcp/
│       ├── __init__.py
│       ├── server.py              # Main MCP server
│       ├── handlers/
│       │   ├── __init__.py
│       │   ├── cve_search.py      # CVE search handlers
│       │   ├── nvd_client.py      # NVD API client
│       │   ├── mitre_client.py    # MITRE integration
│       │   └── exploit_db.py      # Exploit database
│       ├── models/
│       │   ├── __init__.py
│       │   ├── cve.py             # CVE data models
│       │   └── vulnerability.py   # Vulnerability schemas
│       └── utils/
│           ├── __init__.py
│           ├── cvss.py            # CVSS calculations
│           ├── cache.py           # Caching utilities
│           └── rate_limiter.py    # API rate limiting
├── tests/
│   ├── __init__.py
│   ├── test_server.py
│   ├── test_handlers.py
│   └── fixtures/
├── scripts/
│   ├── setup_database.py
│   ├── test_queries.py
│   └── data_sync.py
├── docs/
│   ├── API.md
│   ├── DEPLOYMENT.md
│   ├── CONFIGURATION.md
│   └── EXAMPLES.md
├── docker/
│   ├── Dockerfile
│   └── docker-compose.yml
├── .env.example
├── .gitignore
├── requirements.txt
├── setup.py
├── pyproject.toml
└── README.md

⚙️ Configuration

Environment Variables

# API Keys
NVD_API_KEY=your_nvd_api_key
GITHUB_TOKEN=your_github_token

# Database
DATABASE_URL=sqlite:///cve_cache.db
REDIS_URL=redis://localhost:6379

# Rate Limiting
NVD_REQUESTS_PER_SECOND=0.5
GITHUB_REQUESTS_PER_HOUR=5000

# Caching
CACHE_TTL=3600
ENABLE_CACHE=true

Data Sources Configuration

# config/sources.yml
data_sources:
  nvd:
    enabled: true
    api_version: "2.0"
    base_url: "https://services.nvd.nist.gov/rest/json/cves/2.0"
    
  mitre:
    enabled: true
    feed_url: "https://cve.mitre.org/data/downloads/allitems.csv"
    
  github:
    enabled: true
    api_url: "https://api.github.com/advisories"
    
  exploitdb:
    enabled: true
    csv_url: "https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv"

🔧 Development

Setting up Development Environment

# Create virtual environment
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

# Install development dependencies
pip install -r requirements-dev.txt

# Install pre-commit hooks
pre-commit install

# Run tests
pytest tests/ -v

# Run with coverage
pytest --cov=cve_mcp tests/

Running Tests

# Unit tests
pytest tests/unit/

# Integration tests
pytest tests/integration/

# Performance tests
pytest tests/performance/

🐳 Docker Deployment

Quick Start with Docker

# Build and run
docker-compose up -d

# View logs
docker-compose logs -f cve-mcp

# Scale for high availability
docker-compose up -d --scale cve-mcp=3

Production Deployment

# Production build
docker build -f docker/Dockerfile.prod -t cve-mcp:prod .

# Deploy with orchestration
kubectl apply -f k8s/

📚 Usage Examples

Integration with AI Agents

from mcp import ClientSession
from cve_mcp.client import CVEMCPClient

# Connect to CVE-MCP server
client = CVEMCPClient("http://localhost:8000")

# Search for recent high-severity CVEs
recent_cves = await client.vulnerability_feed(
    days=30,
    severity_min="HIGH",
    with_exploits=True
)

# Generate risk assessment for AI agent
risk_report = await client.risk_assessment(
    cve_list=[cve["id"] for cve in recent_cves],
    environment="enterprise",
    include_mitigations=True
)

Penetration Testing Workflow

# Find vulnerabilities for specific target
target_cves = await client.search_cve(
    vendor="microsoft",
    product="exchange",
    severity="CRITICAL"
)

# Check for available exploits
exploitable = [
    cve for cve in target_cves 
    if cve.get("exploit_available")
]

🔒 Security Considerations

  • API Key Management: Secure storage of API credentials
  • Rate Limiting: Respect upstream API limits
  • Data Validation: Input sanitization and validation
  • Access Control: Authentication for production deployments
  • Audit Logging: Comprehensive request/response logging

📄 License

This project is licensed under the MIT License - see the file for details.

🤝 Contributing

Please read for details on our code of conduct and the process for submitting pull requests.

📞 Support

⚠️ Disclaimer

This tool is designed for authorized security testing and research purposes only. Users are responsible for compliance with applicable laws and regulations.

CVE-MCP Server - Empowering AI Agents with Vulnerability Intelligence

License: MIT Python 3.9+ MCP Compatible