经 AI Skill Hub 精选评估,cve-mcp-server MCP工具 获评「强烈推荐」。这款MCP工具在功能完整性、社区活跃度和易用性方面表现出色,AI 评分 8.5 分,适合有一定技术背景的用户使用。
为Claude提供27个安全情报工具的生产级MCP服务器,集成CISA-KEV等数据源,支持CVE查询、漏洞分析、安全威胁评估等功能。适合安全工程师、DevSecOps团队和安全研究人员快速获取和分析安全信息。
cve-mcp-server MCP工具 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。
为Claude提供27个安全情报工具的生产级MCP服务器,集成CISA-KEV等数据源,支持CVE查询、漏洞分析、安全威胁评估等功能。适合安全工程师、DevSecOps团队和安全研究人员快速获取和分析安全信息。
cve-mcp-server MCP工具 是一款遵循 MCP(Model Context Protocol)标准协议的 AI 工具扩展。通过 MCP 协议,它可以让 Claude、Cursor 等主流 AI 客户端直接访问和操作外部工具、数据源和服务,实现 AI 能力的无缝扩展。无论是文件操作、数据库查询还是 API 调用,都可以通过自然语言在 AI 对话中直接触发,极大提升生产效率。
# 方式一:通过 Claude Code CLI 一键安装
claude skill install https://github.com/mukul975/cve-mcp-server
# 方式二:手动配置 claude_desktop_config.json
{
"mcpServers": {
"cve-mcp-server-mcp--": {
"command": "npx",
"args": ["-y", "cve-mcp-server"]
}
}
}
# 配置文件位置
# macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
# Windows: %APPDATA%/Claude/claude_desktop_config.json
# 安装后在 Claude 对话中直接使用 # 示例: 用户: 请帮我用 cve-mcp-server MCP工具 执行以下任务... Claude: [自动调用 cve-mcp-server MCP工具 MCP 工具处理请求] # 查看可用工具列表 # 在 Claude 中输入:"列出所有可用的 MCP 工具"
// claude_desktop_config.json 配置示例
{
"mcpServers": {
"cve-mcp-server_mcp__": {
"command": "npx",
"args": ["-y", "cve-mcp-server"],
"env": {
// "API_KEY": "your-api-key-here"
}
}
}
}
// 保存后重启 Claude Desktop 生效

AI-powered security intelligence at your fingertips — 28 tools + a one-call triage_cve orchestrator, 24 data sources, one protocol.
A production-grade Model Context Protocol (MCP) server that turns Claude into a full-spectrum security analyst. Instead of juggling 15+ browser tabs across NVD, EPSS, CISA KEV, Shodan, VirusTotal, and GreyNoise, ask Claude one question and get correlated intelligence in seconds. Built with Python, FastMCP, httpx, aiosqlite, Pydantic v2, and defusedxml.
The problem: Triaging a single CVE means querying NVD for CVSS scores, EPSS for exploitation probability, CISA KEV for active exploitation status, GitHub for patches, and VirusTotal for malware associations — then mentally correlating everything. For 50 CVEs, that's an entire day lost.
The solution: CVE MCP Server gives Claude direct access to 28 security tools across 24 APIs — fronted by the triage_cve one-call orchestrator. Ask "Should we patch CVE-2024-3400?" and Claude fans out to every relevant source in parallel, calculates a composite risk score (with a CISA KEV hard override), and delivers a prioritized recommendation with evidence.
---
triage_cve orchestrator — one tool call that fans out NVD + EPSS + CISA KEV (+ public PoC discovery for depth != "quick") concurrently, computes the composite risk score, and returns a clean report. depth is quick / standard (default) / deep; deep additionally emits the SSVC v2 gated decision.triage_cve when NIST NVD is unreachable/throttled), CIRCL hashlookup, and the HIBP Pwned Passwords range API.scoring_version — KEV-listed CVEs are always CRITICAL (score ≥ 76); the scoring version is reported in triage_cve and health_check.MCP_TRANSPORT=http to serve streamable-HTTP on HOST:PORT (default 0.0.0.0:8000, stateless) instead of stdio. Ships with a Dockerfile.kev://catalog, epss://scores/{cve_id}, and manifest://tool-hash (SHA-256 over the registered tool surface); prompts patch_decision, compare_and_prioritize, and dependency_triage.sampling/createMessage (Unit 42 MCP-sampling attack vector); new outbound paths are scheme/host-allowlisted.---
pip install -e .
pip install -e ".[test]"
---
CIRCL_PDNS_USER= CIRCL_PDNS_PASS=
You: Scan these dependencies: requests==2.28.0, flask==2.2.0, django==3.2.0, pillow==9.0.0, cryptography==37.0.0
→ scan_dependencies(ecosystem="PyPI", packages={...})
Found 12 vulnerabilities across 4 packages
Claude's response: "Found 12 vulnerabilities across your packages. Immediate action: Django 3.2.0 (3 critical CVEs including SQL injection), Pillow 9.0.0 (heap overflow), cryptography 37.0.0 (OpenSSL chain). Upgrade to: django>=4.2.16, pillow>=10.3.0, cryptography>=42.0.0."
pytest tests/ -v---
```bash
API keys are organized by priority — get the Tier 1 keys first for maximum coverage with free tools, then progressively add Tier 2 and Tier 3 as needed.
claude mcp add cve-mcp -- python -m cve_mcp.server
git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-server
python -m venv venv && source venv/bin/activate
pip install -e .
pip install -e . python --version # must be 3.10+ ```
Claude Desktop doesn't show the hammer icon (🔨) - Check for JSON syntax errors (no trailing commas) in your config - Use absolute paths — relative paths silently fail - Fully quit Claude Desktop (Cmd+Q / Alt+F4) and restart
```env
python -m venv venv
cp .env.example .env
| ENV Variable | Enables | How to Get | Free Tier Limits | Required? |
|---|---|---|---|---|
URLSCAN_KEY | URL scanning and website analysis | [Sign up at urlscan.io](https://urlscan.io/user/signup) | **5,000 public scans/day** | Optional |
CIRCL_PDNS_USER | CIRCL Passive DNS lookups | [Request access at circl.lu](https://www.circl.lu/services/passive-dns/) | Partner access only | Optional |
CIRCL_PDNS_PASS | CIRCL Passive DNS authentication | Provided with CIRCL registration | Partner access only | Optional |
⚡ Zero-key start: Eight tools work without any API key — EPSS, CISA KEV, OSV.dev, MITRE ATT&CK, CWE lookups, CVSS parsing, Ransomwhere, and NVD (at reduced rate). You can start using the server immediately and add keys progressively.
---
ABUSEIPDB_KEY= # https://www.abuseipdb.com/account/api VIRUSTOTAL_KEY= # https://www.virustotal.com/gui/join-us URLSCAN_KEY= # https://urlscan.io/user/signup SHODAN_KEY= # https://account.shodan.io/register
CACHE_DB_PATH= # defaults to ~/.cve-mcp/cache.db AUDIT_LOG_PATH= # defaults to ~/.cve-mcp/audit.log REQUEST_TIMEOUT=30 # HTTP timeout in seconds MAX_RETRIES=3 # retries on transient errors ```
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json Windows: %APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"cve-mcp": {
"command": "python",
"args": ["-m", "cve_mcp.server"],
"cwd": "/absolute/path/to/cve-mcp-server",
"env": {
"NVD_API_KEY": "your-key-here",
"GITHUB_TOKEN": "ghp_xxxxxxxxxxxxxxxxxxxx",
"ABUSEIPDB_KEY": "your-abuseipdb-key",
"GREYNOISE_API_KEY": "your-greynoise-key",
"SHODAN_KEY": "your-shodan-key"
}
}
}
}
⚠️ Important: Always use absolute paths. Fully quit Claude Desktop (Cmd+Q / Alt+F4) after changing the config — reloading is not enough.
```bash
claude mcp add cve-mcp -e NVD_API_KEY=your_key -e VULNCHECK_TOKEN=your_token -- python -m cve_mcp.server
NVD_API_KEY=your-key-here
GREYNOISE_API_KEY= # https://viz.greynoise.io/signup
.env is gitignored```
The server queues excess requests automatically, but with a key you get 10× throughput.
```
git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-server
uv venv
source .venv/bin/activate # or .venv\Scripts\activate on Windows
uv pip install -e .
cp .env.example .env
CVE MCP Server 是一个 AI 驱动的安全智能平台,集成了 27 个工具和 21 个数据源,通过 MCP 协议提供安全智能服务。
CVE MCP Server 需要 Python 3.10+(推荐使用 3.11 或 3.12),以及 pip 或 uv 包管理器、Git 以及访问环境变量的终端。
CVE MCP Server 的安装步骤包括:编辑 .env 文件,安装依赖项,配置环境变量等。
CVE MCP Server 的使用教程包括:快速启动,使用示例,环境变量配置等。
CVE MCP Server 的配置说明包括:创建虚拟环境,复制和配置环境变量,设置 API 键等。
CVE MCP Server 使用 NVD API、GreyNoise API 等接口,API 键保护通过环境变量加载,避免硬编码和日志记录。
CVE MCP Server 的常见问题包括:安装问题,使用问题,配置问题等。
生产级MCP实现,提供27个专业安全工具,CISA数据集成完整。代码质量高,适合企业安全运营,填补Claude在CVE情报领域的空白。
AI Skill Hub 为第三方内容聚合平台,本页面信息基于公开数据整理,不对工具功能和质量作任何法律背书。
建议在沙箱或测试环境中充分验证后,再部署至生产环境,并做好必要的安全评估。
✅ Apache 2.0 — 宽松开源协议,可商用,需保留版权声明和 NOTICE 文件,含专利授权条款。
AI Skill Hub 点评:cve-mcp-server MCP工具 的核心功能完整,质量优秀。对于Claude Desktop / Claude Code 用户来说,这是一个值得纳入个人工具库的选择。建议先在非生产环境试用,再逐步推广。
| 原始名称 | cve-mcp-server |
| 原始描述 | 开源MCP工具:Production-grade MCP server giving Claude 27 security intelligence tools across 。⭐565 · Python |
| Topics | CVE漏洞安全情报MCP工具CISA数据DevSecOps |
| GitHub | https://github.com/mukul975/cve-mcp-server |
| License | Apache-2.0 |
| 语言 | Python |
收录时间:2026-05-16 · 更新时间:2026-05-19 · License:Apache-2.0 · AI Skill Hub 不对第三方内容的准确性作法律背书。
选择 Agent 类型,复制安装指令后粘贴到对应客户端