Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Cve Lookup

БесплатноНе проверен

Provides live CVE data from NVD and EPSS without API key, enabling AI assistants to look up CVSS scores, search vulnerabilities, and check product CVEs.

GitHubEmbed

Описание

Provides live CVE data from NVD and EPSS without API key, enabling AI assistants to look up CVSS scores, search vulnerabilities, and check product CVEs.

README

An MCP server that gives AI assistants live access to CVE data from the National Vulnerability Database (NVD) and FIRST EPSS — no API key required.

Built for use with Claude Code and any other Model Context Protocol compatible client.


Tools

Tool Description
lookup_cve Full details for a CVE — CVSS score, description, affected products, EPSS exploitation probability, references
search_cves Search NVD by keyword with optional severity and year filters
check_product_cves Find all HIGH/CRITICAL CVEs for a vendor/product (useful during version fingerprinting)

Example prompts

Look up CVE-2022-41352
Search for critical Zimbra RCE vulnerabilities from 2022
Check CVEs for apache struts

Installation

Option 1 — pipx (recommended)

pipx install cve-lookup-mcp

Option 2 — pip

pip install cve-lookup-mcp

Option 3 — run from source

git clone https://github.com/Aashish-32/cve-lookup-mcp
cd cve-lookup-mcp
pip install -e .

Configuration

Add to your ~/.claude.json (Claude Code) or equivalent MCP client config:

{
  "mcpServers": {
    "cve-lookup": {
      "command": "cve-lookup-mcp",
      "args": []
    }
  }
}

If installed from source, point directly at the script:

{
  "mcpServers": {
    "cve-lookup": {
      "command": "python3",
      "args": ["/path/to/cve-lookup-mcp/src/cve_lookup_mcp/server.py"]
    }
  }
}

Restart your MCP client after adding the config.


Data sources

Source What it provides Rate limit
NVD API v2 CVE details, CVSS scores, affected products ~5 req/30s (no key), 50 req/30s (with key)
FIRST EPSS API Exploitation probability score None

NVD API key (optional)

Without a key, NVD allows roughly 5 requests per 30 seconds. For heavier use, request a free API key from NVD and set it as an environment variable:

{
  "mcpServers": {
    "cve-lookup": {
      "command": "cve-lookup-mcp",
      "env": {
        "NVD_API_KEY": "your-key-here"
      }
    }
  }
}

Development

git clone https://github.com/Aashish-32/cve-lookup-mcp
cd cve-lookup-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -e .

Run the server manually (stdio mode):

cve-lookup-mcp

Test with a raw JSON-RPC call:

echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"test","version":"1"}}}' \
  | cve-lookup-mcp

License

MIT

from github.com/Aashish-32/cve-lookup-mcp

Установка Cve Lookup

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/Aashish-32/cve-lookup-mcp

FAQ

Cve Lookup MCP бесплатный?

Да, Cve Lookup MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Cve Lookup?

Нет, Cve Lookup работает без API-ключей и переменных окружения.

Cve Lookup — hosted или self-hosted?

Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.

Как установить Cve Lookup в Claude Desktop, Claude Code или Cursor?

Открой Cve Lookup на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Cve Lookup with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории ai