CVE Security Intelligence
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
What is CVE Security Intelligence?
CVE Security Intelligence is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to production-grade mcp server giving claude 27 security intelligence tools across 21 apis — cve lookup, epss scoring, cisa kev, mitre att&ck, shodan, virustotal, and more.
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Production-grade MCP server giving Claude 27 security intell
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx cveConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use CVE Security Intelligence
This CVE Security Intelligence MCP server exposes 27 production-grade security tools to Claude, drawing on 21 APIs including NVD, EPSS, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, AbuseIPDB, and GreyNoise. It covers the full vulnerability lifecycle — from CVE lookup and CVSS parsing to composite risk scoring, exploit intelligence, IP reputation, dependency scanning, and ransomware tracking. Security analysts and DevSecOps engineers use it to consolidate multi-source threat intelligence into a single conversational interface without manually querying each platform.
Prerequisites
- Python 3.9+ with pip and venv support
- Git to clone the repository from github.com/mukul975/cve-mcp-server
- NVD API key (free at nvd.nist.gov) — eight tools work with no keys at all
- Optional: GitHub token, VirusTotal key, Shodan key, AbuseIPDB key, GreyNoise key
- Claude Desktop or another MCP-compatible client
Clone and enter the repository
Download the server source code from GitHub.
git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-serverSet up a Python virtual environment
Create an isolated environment so the server's dependencies don't conflict with other Python projects on your system.
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activateInstall dependencies
Install the package and all required libraries.
pip install -e .Gather API keys
For full access to all 27 tools, register for free API keys: NVD (nvd.nist.gov), GitHub (github.com/settings/tokens), VirusTotal (virustotal.com), Shodan (shodan.io), AbuseIPDB (abuseipdb.com), and GreyNoise (greynoise.io). All have free tiers.
Add configuration to Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%/Claude/claude_desktop_config.json (Windows) and add the server block with your API keys and the absolute path to the repository.
{
"mcpServers": {
"cve-mcp": {
"command": "python",
"args": ["-m", "cve_mcp.server"],
"cwd": "/absolute/path/to/cve-mcp-server",
"env": {
"NVD_API_KEY": "your-nvd-api-key",
"GITHUB_TOKEN": "ghp_xxxxxxxxxxxxxxxxxxxx",
"VIRUSTOTAL_KEY": "your-virustotal-key",
"ABUSEIPDB_KEY": "your-abuseipdb-key",
"GREYNOISE_API_KEY": "your-greynoise-key",
"SHODAN_KEY": "your-shodan-key"
}
}
}
}Restart Claude Desktop
Fully quit and relaunch Claude Desktop so it loads the new MCP server. The CVE security tools should now appear in Claude's available tool set.
CVE Security Intelligence Examples
Client configuration
Claude Desktop JSON configuration block for the CVE Security Intelligence server.
{
"mcpServers": {
"cve-mcp": {
"command": "python",
"args": ["-m", "cve_mcp.server"],
"cwd": "/absolute/path/to/cve-mcp-server",
"env": {
"NVD_API_KEY": "your-nvd-api-key",
"GITHUB_TOKEN": "ghp_xxxxxxxxxxxxxxxxxxxx",
"VIRUSTOTAL_KEY": "your-virustotal-key",
"SHODAN_KEY": "your-shodan-key"
}
}
}
}Prompts to try
Real prompts that exercise the 27 security intelligence tools in this server.
- "Look up CVE-2024-3094 and give me the EPSS score, KEV status, and any public PoC exploits"
- "Calculate composite risk scores for CVE-2023-44487 and CVE-2024-21762 and tell me which to patch first"
- "Scan this IP 185.220.101.5 for abuse history, GreyNoise classification, and Shodan open ports"
- "Check if any of these packages have known CVEs: [email protected], [email protected], [email protected]"
- "Get trending CVEs this week and map them to MITRE ATT&CK techniques"Troubleshooting CVE Security Intelligence
Server fails to start with 'ModuleNotFoundError: No module named cve_mcp'
Make sure you ran 'pip install -e .' inside the virtual environment from the repository root. Also verify that the 'cwd' field in the config points to the exact directory where you cloned the repository.
Rate limit errors from NVD when running multiple CVE queries
Without NVD_API_KEY you are limited to 5 requests per 30 seconds. Register for a free key at nvd.nist.gov/developers/request-an-api-key and add it to the env section — this increases the limit to 50 per 30 seconds.
IP intelligence tools return no data
Shodan, AbuseIPDB, and GreyNoise tools each require their own API key (SHODAN_KEY, ABUSEIPDB_KEY, GREYNOISE_API_KEY). Register at their respective websites — all have free community tiers — and add the keys to the env block in your config.
Frequently Asked Questions about CVE Security Intelligence
What is CVE Security Intelligence?
CVE Security Intelligence is a Model Context Protocol (MCP) server that production-grade mcp server giving claude 27 security intelligence tools across 21 apis — cve lookup, epss scoring, cisa kev, mitre att&ck, shodan, virustotal, and more. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install CVE Security Intelligence?
Follow the installation instructions on the CVE Security Intelligence GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with CVE Security Intelligence?
CVE Security Intelligence works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is CVE Security Intelligence free to use?
Yes, CVE Security Intelligence is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.
CVE Security Intelligence Alternatives — Similar Security Servers
Looking for alternatives to CVE Security Intelligence? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up CVE Security Intelligence in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use CVE Security Intelligence?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.