AI Tool Radar
OSI-open | MCP servers for coding agents

cve-mcp-server

mukul975

MCP server that gives Claude security-intelligence tools, orchestrating NVD, EPSS, CISA KEV and more for CVE triage.

1.1k stars (as of 2026-06-26)

What is cve-mcp-server?

A Model Context Protocol server that gives Claude or any MCP client security-intelligence tooling: 28 tools plus a one-call triage orchestrator that fans out to NVD, EPSS and CISA KEV with a composite 0-100 risk score. It pulls from around 24 data sources (NVD, EPSS, KEV, OSV.dev, MITRE ATT&CK, Shodan, VirusTotal, GreyNoise and more) and is built on FastMCP in Python.

Pros & Cons

Pros

  • Broad, well-organised coverage (28 tools, ~24 sources) consolidating fragmented security feeds into one MCP
  • Security-conscious design: no inbound ports, private-IP blocking and keys never logged
  • Works partially without any API key and is Apache-2.0 with active releases

Cons

  • Full value requires several third-party API keys (Shodan, VirusTotal and others), so out-of-the-box scope is limited
  • The README and LICENSE disagree on the licence (README says MIT, LICENSE is Apache-2.0)
  • A single-maintainer project, with 'production-grade' as a self-claim rather than a third-party audit

License

Apache-2.0 (OSI-open)

Apache-2.0 per the LICENSE file; the README prose mentions MIT in one spot. This is an internal inconsistency, and the Apache-2.0 LICENSE file governs.

When it is interesting

You want an LLM assistant to triage CVEs by orchestrating NVD, EPSS, KEV and threat-intel feeds in one MCP call.

When it is too early

If you need vendor-backed support or cannot provision the external API keys the richer tools depend on.

Commercial alternative & related

  • Commercial counterpart: Tenable

This repo featured in the 2026-07 edition of the Open-Source AI Radar.