NVD CVE MCP Server

The NVD CVE MCP Server is a powerful security research tool

GitHub

NVD CVE MCP Server

npm version License: MIT

A Model Context Protocol (MCP) server for retrieving and displaying CVE vulnerability information from the National Vulnerability Database (NVD). Features dual data sources with NVD API and web scraping fallback.

āœØ Features

  • šŸ” CVE Details Lookup: Retrieve complete vulnerability information by CVE ID
  • šŸ”Ž Keyword Search: Search for CVE vulnerabilities by keywords
  • šŸ“Š Formatted Output: Display vulnerability information in elegant Markdown format
  • šŸ”„ Dual Data Sources: API-first approach with web scraping as fallback
  • šŸŒ Multi-language Support: Full support for both English and Chinese

šŸ“¦ Installation

Prerequisites

  • Node.js >= 18.0.0
  • npm or yarn

Quick Start with npx (Recommended)

No installation required! Use directly with npx:

{
  "mcpServers": {
    "nvd-cve": {
      "command": "npx",
      "args": ["-y", "nvd-cve-mcp-server"]
    }
  }
}

Global Installation

npm install -g nvd-cve-mcp-server

Local Installation

npm install nvd-cve-mcp-server

šŸš€ Usage

1. Configure as MCP Server

Configure in Claude Desktop or other MCP-compatible applications:

macOS/Linux (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "nvd-cve": {
      "command": "npx",
      "args": ["-y", "nvd-cve-mcp-server"]
    }
  }
}

Windows (%APPDATA%\Claude\claude_desktop_config.json):

{
  "mcpServers": {
    "nvd-cve": {
      "command": "npx",
      "args": ["-y", "nvd-cve-mcp-server"]
    }
  }
}

2. Direct Execution

npm start

šŸ› ļø Available Tools

1. get_cve_details

Retrieve detailed information for a specific CVE.

Parameters:

  • cve_id (required): CVE ID in format CVE-YYYY-NNNNN

Example:

Get details for CVE-2025-13583

Output Format:

# CVE-2025-13583

## šŸ“Š Basic Information

- **CVE ID**: CVE-2025-13583
- **CVSS Score**: 9.8
- **Severity**: CRITICAL
- **Published**: 2025-11-23
- **Last Modified**: 2025-11-26
- **CWE Type**: CWE-89

## šŸ“ Description

[Detailed vulnerability description]

## šŸ”— References

1. [VulDB](https://vuldb.com/?id.333344)
2. [GitHub Issue](https://github.com/rassec2/dbcve/issues/6)

## šŸŒ Official Links

- [NVD Details](https://nvd.nist.gov/vuln/detail/CVE-2025-13583)
- [CVE Record](https://cve.org/CVERecord?id=CVE-2025-13583)

2. search_cves

Search for CVE vulnerabilities by keyword.

Parameters:

  • keyword (required): Search keyword
  • limit (optional): Number of results to return (default: 10, max: 20)

Example:

Search for CVEs related to "SQL injection"
Search for "WordPress" vulnerabilities, limit to 5 results

Output Format:

# CVE Search Results: "SQL injection"

Found 10 related vulnerabilities

| CVE ID | Severity | CVSS | Published | Description |
|--------|----------|------|-----------|-------------|
| CVE-2025-13583 | CRITICAL | 9.8 | 2025-11-23 | A vulnerability has been found in code-projects... |
| CVE-2025-13582 | HIGH | 7.3 | 2025-11-23 | A vulnerability was found in code-projects... |

šŸ“‹ Usage Examples

Using with Claude

  1. Query Specific CVE:

    Please help me query CVE-2025-13583 details

  2. Search Vulnerabilities:

    Search for recent SQL injection vulnerabilities

  3. Search by Product:

    Find WordPress-related CVE vulnerabilities

šŸ”§ Technical Architecture

Data Sources

  1. NVD API (Primary)

    • Official REST API: https://services.nvd.nist.gov/rest/json/cves/2.0
    • Provides structured JSON data
    • Includes complete CVSS scores, CWE classifications, etc.

  2. NVD Web (Fallback)

    • Web scraping when API is unavailable
    • Uses Cheerio for HTML parsing
    • Extracts key vulnerability information

Core Dependencies

  • @modelcontextprotocol/sdk: MCP protocol implementation
  • axios: HTTP client
  • cheerio: HTML parser

šŸ“Š Data Format

CVE Details Object

{
  id: "CVE-2025-13583",
  description: "Vulnerability description...",
  cvssScore: 9.8,
  severity: "CRITICAL",
  published: "2025-11-23T10:15:03.000",
  lastModified: "2025-11-26T12:39:31.000",
  references: [
    {
      url: "https://example.com",
      source: "VulDB"
    }
  ],
  cweId: "CWE-89",
  source: "api" // or "web"
}

āš ļø Important Notes

  1. API Rate Limits: NVD API has rate limits, please use responsibly
  2. Network Requirements: Requires access to nvd.nist.gov
  3. Data Freshness: CVE information is updated regularly, check for latest data
  4. Format Validation: CVE ID must follow CVE-YYYY-NNNNN format

šŸ› Troubleshooting

Common Issues

  1. API Timeout

    • Check network connection
    • System will automatically switch to web scraping mode

  2. CVE Not Found

    • Verify CVE ID format is correct
    • Check if CVE has been published to NVD

  3. No Search Results

    • Try using more general keywords
    • Check spelling

šŸ“ Development

Project Structure

nvd-cve-mcp-server/
ā”œā”€ā”€ src/
ā”‚   ā””ā”€ā”€ index.js          # Main server code
ā”œā”€ā”€ package.json          # Project configuration
ā””ā”€ā”€ README.md            # Documentation

Local Development

# Development mode (auto-restart)
npm run dev

# Production mode
npm start

šŸ¤ Contributing

Issues and Pull Requests are welcome!

šŸ“„ License

MIT License

šŸ‘„ Author

SOCTeam.AI

šŸ”— Related Links

Note: This tool is for security research and educational purposes only. Please comply with relevant laws, regulations, and ethical standards.

Related Servers