EPSS-MCP

EPSS-MCP

3.4
securitydeveloper_tools

If you are the rightful owner of EPSS-MCP and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The EPSS MCP Project is a server designed to retrieve CVE details from the NVD API and fetch EPSS scores, providing comprehensive vulnerability information.

EPSS MCP Project

The EPSS MCP Project is a powerful server designed to retrieve CVE details from the NVD API and fetch EPSS scores from the EPSS server. It provides users with comprehensive vulnerability information, including CVE descriptions, CWEs, CVSS scores, and EPSS percentiles, all in one place.

Features

  • Comprehensive CVE Information: Fetch detailed vulnerability data, including descriptions, CWEs, and CVSS scores, directly from the NVD API.
  • EPSS Integration: Retrieve EPSS scores and percentiles to assess the likelihood of exploitation for specific vulnerabilities.
  • MCP Server: Serve data through a robust and extensible MCP server for seamless integration with other tools.
  • Docker Support: Easily deploy the server using Docker for a consistent and portable runtime environment.
  • VS Code Compatibility: Integrate with VS Code MCP for enhanced developer workflows and real-time vulnerability insights.

Prerequisites

  • Python 3.13 or higher
  • Docker (optional, for containerized deployment)
  • An NVD API key (add it to the .env file as NVD_API_KEY)

Setup Instructions

1. Clone the Repository

git clone <repository-url>
cd epss-mcp-project

2. Install Dependencies

It is recommended to use a virtual environment. You can create one using venv or conda. Then, install the required packages:

pip install -r requirements.txt

3. Add Your NVD API Key

Create a .env file in the project root and add your NVD API key:

NVD_API_KEY=your-nvd-api-key

Usage

Installing via Smithery

To install EPSS Vulnerability Scoring Server for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @jgamblin/EPSS-MCP --client claude

Running the MCP Server Locally

To start the MCP server locally, run:

python epss_mcp.py

Once the server is running, you can make requests to retrieve CVE details by specifying the CVE ID.

Example Request

To get details for a specific CVE, use the following format:

GET /cve/<CVE-ID>

Replace <CVE-ID> with the actual CVE identifier (e.g., CVE-2022-1234).

Docker Deployment (for Open-WebUI)

If you want to run the MCP server in Open-WebUI, follow these steps:

1. Build the Docker Image

To build the Docker container, run:

docker build -t epss_mcp .

2. Run the Docker Container

Run the container and expose it on port 8000:

docker run -p 8000:8000 epss_mcp

The MCP server will now be accessible at http://localhost:8000.

WebUI Screenshot

Below is a screenshot of the MCP server running in the Open-WebUI:

Suggested System Prompt for WebUI

When using the MCP server in Open-WebUI, you can configure the following system prompt to guide interactions:

You are a specialized AI Assistant focused on the Exploit Prediction Scoring System (EPSS). Your expertise lies in delivering and interpreting EPSS data, which includes daily updated probability scores (0-1) and percentiles for Common Vulnerabilities and Exposures (CVEs), indicating the likelihood of their exploitation in the wild within the next 30 days. You are to help cybersecurity professionals understand these predictions, compare them with other metrics like CVSS scores, and use this information to prioritize vulnerability remediation efforts effectively. Provide actionable, data-driven insights in a clear, technically accurate, professional, and solution-oriented manner.

Serving to VS Code MCP

To serve the MCP server to VS Code MCP, follow these steps:

  1. Add the Local Server to VS Code: Open your VS Code settings.json file and add the following configuration to register the local server:

    "mcp.servers": {
    "EPSS_MCP": {
        "type": "stdio",
        "command": "python",
        "args": [
            "/Github/EPSS-MCP/epss_mcp.py"
        ]
    }
}

    Note: Make sure to update the args path to match the location of the epss_mcp.py file on your local machine.

  2. Connect to VS Code:

    • Open VS Code.
    • Install the Microsoft Copilot Labs extension if not already installed.
    • Ensure the MCP server is listed and active in the extension.

  3. Start Using the MCP Server: Once connected, VS Code will call the Python file directly to fetch CVE details and EPSS scores.

VS Code Screenshot

Below is a screenshot of the MCP server integrated with VS Code:

Project Structure

epss-mcp-project
├── epss_mcp.py               # Main entry point for the MCP server
├── nvd_api.py                # Functions to interact with the NVD API
├── epss_api.py               # Functions to interact with the EPSS API
├── epss_mcp_test.py          # Test script for the MCP server
├── requirements.txt          # Project dependencies
├── Dockerfile                # Docker configuration
├── .env                      # Environment variables (e.g., API keys)
└── README.md                 # Project documentation

Contributing

Contributions are welcome! Please feel free to submit a pull request or open an issue for any enhancements or bug fixes.

License

This project is licensed under the MIT License. See the file for more details.

Related MCP Servers

View all security servers →
ida-pro-mcp

ida-pro-mcp

3.7

by mrexodia

Simple MCP Server to allow vibe reversing in IDA Pro.

developer_tools
LitterBox

LitterBox

3.7

by BlackSnufkin

LitterBox is a controlled sandbox environment for security professionals to develop and test payloads, offering advanced analysis capabilities.

security
enrichmcp

enrichmcp

3.7

by featureform

MCPEngine is a production-grade, HTTP-first implementation of the Model Context Protocol (MCP), providing a secure, scalable, and modern framework for exposing data, tools, and prompts to Large Language Models (LLMs) via MCP.

developer_tools
osv-mcp

osv-mcp

3.7

by StacklokLabs

An MCP server providing access to the OSV database for querying vulnerability information.

databases
obsidian-mcp-tools

obsidian-mcp-tools

3.6

by jacksteamdev

MCP Tools for Obsidian enables AI applications like Claude Desktop to securely access and work with your Obsidian vault through the Model Context Protocol (MCP).

ai_chatbot
ida-mcp-server-plugin

ida-mcp-server-plugin

3.6

by taida957789

IDA Pro MCP Server is a plugin that allows remote querying and control of IDA Pro through the Model Context Protocol (MCP) interface.

developer_tools
WireMCP

WireMCP

3.6

by 0xKoda

WireMCP is a Model Context Protocol server that enhances Large Language Models with real-time network traffic analysis capabilities using tools built on Wireshark's `tshark`.

security
jadx-mcp-server

jadx-mcp-server

3.6

by zinja-coder

JADX-MCP-SERVER is a fully automated MCP server designed to work with the JADX-AI-MCP Plugin for analyzing Android APKs using LLMs like Claude.

ai_chatbot
MCP2Lambda

MCP2Lambda

3.6

by danilop

MCP2Lambda allows LLMs to interact with AWS Lambda functions as tools, enabling access to real-time and private data, execution of custom code, and interaction with external services.

cloud_platforms
mcp-shodan

mcp-shodan

3.5

by BurtTheCoder

A Model Context Protocol (MCP) server for querying the Shodan API and Shodan CVEDB, providing access to network intelligence and security services.

security
MCP-Kali-Server

MCP-Kali-Server

3.5

by Wh0am123

Kali MCP Server is a lightweight API bridge that connects MCP Clients to the API server, allowing execution of commands on a Linux terminal.

security
VibeShift

VibeShift

3.5

by GroundNG

VibeShift is an intelligent security agent designed to integrate seamlessly with AI coding assistants, acting as an automated security engineer to analyze code, identify vulnerabilities, and facilitate AI-driven remediation.

security
jadx-mcp-plugin

jadx-mcp-plugin

3.5

by mobilehackinglab

The Jadx MCP Plugin provides a Java-based plugin for Jadx, exposing its API over HTTP to enable interaction with MCP clients like Claude, facilitating AI-assisted security analysis of Android apps.

security
mythic_mcp

mythic_mcp

3.5

by xpn

Mythic MCP is a model context protocol server designed to facilitate automated penetration testing using LLMs.

security
aws-security-mcp

aws-security-mcp

3.5

by groovyBugify

AWS Security MCP is a Model Context Protocol server that allows AI assistants to autonomously inspect and analyze AWS infrastructure for security issues.

security
auth0-mcp-server

auth0-mcp-server

3.5

by auth0

The Auth0 MCP Server integrates with LLMs and AI agents, allowing you to perform various Auth0 management operations using natural language.

developer_tools
GhidraMCP

GhidraMCP

3.5

by 13bm

A Ghidra plugin that implements the Model Context Protocol (MCP) for AI-assisted binary analysis.

developer_tools
nutrient-dws-mcp-server

nutrient-dws-mcp-server

3.5

by PSPDFKit

A Model Context Protocol (MCP) server implementation that integrates with the Nutrient Document Web Service (DWS) Processor API, providing powerful PDF processing capabilities for AI assistants.

developer_tools
MCP_Security

MCP_Security

3.5

by fr0gger

A Model Context Protocol (MCP) server for querying the ORKL API, providing tools for fetching and analyzing threat reports, threat actors, and sources.

security
roadrecon_mcp_server

roadrecon_mcp_server

3.5

by atomicchonk

The ROADrecon MCP Server provides AI assistants like Claude with access to ROADRecon Azure AD data for security analysis.

security
Wazuh-MCP-Server

Wazuh-MCP-Server

3.5

by gensecaihq

Wazuh MCP Server is an AI-powered security operations platform that integrates conversational AI with traditional SIEM operations.

security
pyATS_MCP

pyATS_MCP

3.5

by automateyournetwork

The pyATS MCP Server is a Model Context Protocol Server that integrates with Cisco pyATS and Genie, enabling structured interaction with network devices using JSON-RPC 2.0 over STDIO.

developer_tools
chucknorris

chucknorris

3.5

by pollinations

The CĖ·hĖ·uĖ·cĖ·kĖ·NĖ·oĖ·rĖ·rĖ·iĖ·sĖ· MCP Server is a tool designed to enhance LLMs using specialized prompts and dynamic schema adaptation, primarily for security research.

security
shodan-mcp-server

shodan-mcp-server

3.5

by Cyreslab-AI

A Model Context Protocol (MCP) server that provides access to Shodan API functionality and CVE database, allowing AI assistants to query information about internet-connected devices, services, and vulnerabilities.

research_and_data
mcp-security-audit

mcp-security-audit

3.5

by qianniuspace

A powerful MCP (Model Context Protocol) Server that audits npm package dependencies for security vulnerabilities.

security
onepassword-mcp-server

onepassword-mcp-server

3.5

by dkvdm

This MCP server is a proof of concept for educational purposes, utilizing the 1Password Python SDK to securely retrieve credentials.

security
Rootly-MCP-server

Rootly-MCP-server

3.5

by Rootly-AI-Labs

An MCP server for Rootly API that integrates with MCP-compatible editors to resolve production incidents efficiently.

developer_tools