Nvd Cve Server
БесплатноНе проверенMCP server that provides tools to search, filter, and retrieve CVE data from the NVD API, including by ID, keyword, severity, and recency.
Описание
MCP server that provides tools to search, filter, and retrieve CVE data from the NVD API, including by ID, keyword, severity, and recency.
README
A Model Context Protocol (MCP) server that exposes CVE search tools backed by the NVD API v2.0.
Features
search_cve_by_id— look up an exact CVE ID (e.g.CVE-2024-1234)search_cve_by_keyword— search by product name/keyword, with optionaldays_backdate filterget_recent_cves— get newly published CVEs from a configurable time window (default: 7 days)search_by_severity— filter by severity:CRITICAL,HIGH,MEDIUM,LOW- NVD API rate limiting + automatic retry with exponential backoff (handles 429, 5xx errors)
- Respects
Retry-Afterresponse headers; up to 3 retries per request - NVD API date range limit enforced:
days_backis validated against the 120-day maximum - stdio transport (recommended for Claude Desktop and most MCP clients)
Data Source
- NVD Vulnerability API v2.0:
- https://nvd.nist.gov/developers/vulnerabilities
- Endpoint used:
https://services.nvd.nist.gov/rest/json/cves/2.0
Project Structure
nvd_cve_mcp_server/
├── pixi.toml
├── pyproject.toml
├── README.md
└── src/nvd_cve_mcp_server/
├── __init__.py
├── nvd_client.py
└── server.py
Setup
Option 1: pixi (recommended)
Supported platforms: linux-64, linux-aarch64, osx-arm64, osx-64, win-64
cd nvd-cve-mcp-server
pixi install
pixi run run-mcp-server
Development workflow (pixi tasks)
The project uses pixi tasks for all quality and packaging workflows:
pixi run lint # ruff lint
pixi run format # ruff formatter
pixi run format-check # verify formatting only
pixi run typecheck # mypy (strict)
pixi run test # pytest
pixi run check # lint + format-check + typecheck + test
Build and release artifacts
- PyPI artifacts (wheel + sdist) are built with Hatch:
pixi run build-pypi
- Conda package is built from a v1 recipe (
recipe/recipe.yaml) aligned with conda-forge/feedstock workflows. The recipe source is expected to be a version tag tarball (v<version>) with a pinned SHA256.
pixi run build-conda
Changelog generation
git-cliff is configured in pyproject.toml and generates CHANGELOG.md from Conventional Commit history.
pixi run changelog
Conventional Commits
Use commit messages that follow: type(scope): description
Common types:
feat: new functionalityfix: bug fixdocs: documentation changesrefactor: internal refactorstest: testsbuild: packaging/build toolingci: CI/CD changeschore: maintenance
Examples:
feat(server): add severity filter toolfix(nvd): handle retry-after parsingbuild(release): add hatch pypi build task
History rewrite note: if commit history is rewritten to conform to Conventional Commits, coordinate with collaborators and force-push carefully.
Option 2: pip / venv
cd nvd-cve-mcp-server
python -m venv .venv
source .venv/bin/activate
pip install -e .
python -m nvd_cve_mcp_server.server
Configuration
Environment variables:
NVD_API_KEY(optional, recommended for higher NVD rate limits)NVD_RATE_LIMIT_REQUESTS(optional)NVD_RATE_LIMIT_WINDOW_SECONDS(optional)
Defaults used by server:
- Without API key:
5requests /30seconds - With API key:
50requests /30seconds
MCP Transport
The server uses stdio transport:
mcp.run(transport="stdio")
Example MCP Client Configuration (Claude Desktop style)
Adjust Python path/environment for your machine:
{
"mcpServers": {
"cve": {
"command": "python",
"args": ["-m", "nvd_cve_mcp_server.server"],
"cwd": "/path/to/nvd-cve-mcp-server",
"env": {
"NVD_API_KEY": "your_api_key_here"
}
}
}
}
Tool Usage Examples
1) search_cve_by_id
Input:
{ "cve_id": "CVE-2024-3094" }
2) search_cve_by_keyword
Search by keyword with no date filter:
Input:
{ "keyword": "openssl", "limit": 5 }
Search by keyword limited to the last 30 days (days_back max is 120):
Input:
{ "keyword": "openssl", "limit": 5, "days_back": 30 }
3) get_recent_cves
Defaults to the last 7 days. Accepts any value from 1–120 for days_back:
Input:
{ "limit": 10, "days_back": 7 }
4) search_by_severity
Input:
{ "severity": "HIGH", "limit": 10 }
Response Shape
Each tool returns a normalized structure like:
{
"success": true,
"total_results": 123,
"returned_results": 10,
"cves": [
{
"id": "CVE-2024-0001",
"published": "2024-01-01T00:00:00.000",
"last_modified": "2024-01-02T00:00:00.000",
"description": "...",
"severity": "HIGH",
"base_score": 7.5,
"vector": "CVSS:3.1/...",
"cwes": ["CWE-79"],
"references": ["https://..."]
}
]
}
Error case:
{
"success": false,
"error": "NVD API request failed ..."
}
Error Handling & Retry Behavior
The NVDClient automatically retries transient failures up to 3 times using exponential backoff with jitter:
| Condition | Behavior |
|---|---|
| HTTP 429 / 5xx | Retry with backoff; honour Retry-After header if present |
| Timeout | Retry with backoff |
| Network error | Retry with backoff |
Invalid date range (days_back > 120) |
Immediate error — no retry |
| Invalid severity value | Immediate error — no retry |
Установка Nvd Cve Server
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/millsks/nvd-cve-mcp-serverFAQ
Nvd Cve Server MCP бесплатный?
Да, Nvd Cve Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Nvd Cve Server?
Нет, Nvd Cve Server работает без API-ключей и переменных окружения.
Nvd Cve Server — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Nvd Cve Server в Claude Desktop, Claude Code или Cursor?
Открой Nvd Cve Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Nvd Cve Server with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
