VulnerableMCP

v1.0.0Securitystable

A comprehensive database of Model Context Protocol vulnerabilities, security research, and exploits

vulnerablemcpmcpai-integration
Share:
38
Stars
0
Downloads
0
Weekly
0/5

What is VulnerableMCP?

VulnerableMCP is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to comprehensive database of model context protocol vulnerabilities, security research, and exploits

A comprehensive database of Model Context Protocol vulnerabilities, security research, and exploits

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • A comprehensive database of Model Context Protocol vulnerabi

Use Cases

Access a comprehensive database of MCP vulnerabilities, security research, and exploits.
vineethsai

Maintainer

LicenseMIT
Languagehtml
Versionv1.0.0
UpdatedMay 19, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx vulnerablemcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use VulnerableMCP

VulnerableMCP is a community-maintained knowledge base and static website cataloguing known vulnerabilities, security research, and exploits specific to the Model Context Protocol ecosystem. It provides a structured taxonomy of MCP attack vectors — including prompt injection, tool poisoning, and data exfiltration patterns — so security researchers, red teams, and MCP server developers can understand, reproduce, and defend against real threats. The project is a reference resource rather than a runtime server, making it valuable for anyone building or auditing MCP-based systems.

Prerequisites

  • Node.js 18 or higher (for local development and building the static site)
  • Git to clone the repository
  • A modern web browser to view the rendered vulnerability database
  • Familiarity with MCP concepts and security research terminology
1

Clone the repository

Clone the VulnerableMCP repository to get the vulnerability database, taxonomy definitions, and static site source.

git clone https://github.com/vineethsai/vulnerablemcp.git
cd vulnerablemcp
2

Install dependencies

Install Node.js packages required to build the static site and run the development server.

npm install
3

Build the static site

Generate the static HTML pages from the vulnerability data and EJS templates. Output goes to the dist/ directory.

npm run build
4

Run the local development server

Start a local preview server on port 3000 to browse the vulnerability database in your browser.

npm run dev
5

Validate and check entries

When contributing new vulnerability entries, validate the JSON schema and check that all referenced URLs are live before opening a pull request.

npm run validate
npm run check-links

VulnerableMCP Examples

Vulnerability entry structure

Example of a well-formed vulnerability entry in data/vulnerabilities.json that follows the project taxonomy.

{
  "id": "VMCP-2024-001",
  "title": "Prompt Injection via Tool Description Override",
  "severity": "high",
  "category": "prompt-injection",
  "description": "An attacker controls a malicious MCP server that injects instructions into tool descriptions, causing the LLM to exfiltrate data.",
  "affected": ["claude-desktop", "cursor"],
  "references": ["https://example.com/research"]
}

Prompts to try

Research questions and use cases when studying the vulnerability database.

- "Show me all high-severity MCP vulnerabilities related to prompt injection"
- "What are known tool poisoning attack patterns in MCP servers?"
- "Which MCP clients have been affected by data exfiltration vulnerabilities?"
- "Summarize the taxonomy of MCP attack categories documented in VulnerableMCP"

Troubleshooting VulnerableMCP

npm run build fails with template errors

Ensure data/vulnerabilities.json is valid JSON and conforms to the schema in data/taxonomy.json. Run `npm run validate` first to catch schema violations before building.

Local dev server does not reload changes

The dev server watches template and data files. If changes are not reflected, stop the server (Ctrl+C), run `npm run build` manually, then restart with `npm run dev`.

Frequently Asked Questions about VulnerableMCP

What is VulnerableMCP?

VulnerableMCP is a Model Context Protocol (MCP) server that comprehensive database of model context protocol vulnerabilities, security research, and exploits It connects AI assistants to external tools and data sources through a standardized interface.

How do I install VulnerableMCP?

Follow the installation instructions on the VulnerableMCP GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with VulnerableMCP?

VulnerableMCP works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is VulnerableMCP free to use?

Yes, VulnerableMCP is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

VulnerableMCP Alternatives — Similar Security Servers

Looking for alternatives to VulnerableMCP? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "vulnerablemcp": { "command": "npx", "args": ["-y", "vulnerablemcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use VulnerableMCP?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides