TechLatest

Posted on Jun 3 • Originally published at osintteam.blog on Jun 1

CVE MCP Server: Turn Claude Into a Full-Spectrum Security Analyst

#claude #mcpserver #claudecode #opensource

27 tools. 21 data sources. One protocol. Zero browser tabs.

If you’ve ever triaged a CVE, you know the drill. Open NVD for the CVSS score. Check EPSS for exploitation probability. Cross-reference CISA KEV for active exploitation. Search GitHub for PoCs. Maybe pull VirusTotal or Shodan if it’s tied to an IP. Then sit there and mentally stitch it all together.

For one CVE, that’s 15–20 minutes. For fifty? That’s your entire day gone.

CVE MCP Server fixes that — an open-source, production-grade Model Context Protocol (MCP) server built by Mahipal Jangra. It gives Claude direct access to 27 security intelligence tools across 21 APIs. Ask one question. Get correlated, prioritized intelligence in seconds.

In this guide, we will walk through installing it on macOS, connecting it to Claude Code, and running real queries — with screenshots at every step.

The Problem: CVE Triage Shouldn’t Be a Tab Marathon

Security analysts, DevSecOps engineers, and bug bounty hunters all hit the same wall. Triaging a single vulnerability means querying:

NVD — CVSS scores, affected products, references
EPSS — statistical likelihood of exploitation
CISA KEV — confirmed in-the-wild exploitation
GitHub — patches, advisories, public exploit code
VirusTotal / Shodan / GreyNoise — if there’s a network or malware angle

Each source lives in its own silo. You’re the glue holding it together — manually, repeatedly, expensively.

CVE MCP Server removes that glue work. Claude orchestrates every relevant lookup in parallel, runs a composite risk calculation, and delivers a recommendation with evidence attached.

What You Get

| Feature | Description |
| ---------------------------- | ----------------------------------------------------------------------------------------------------- |
| **27 MCP tools** | CVE lookup, EPSS, KEV, MITRE ATT&CK, Shodan, VirusTotal, dependency scanning, and more |
| **21 data sources** | NVD, EPSS, CISA KEV, OSV.dev, GitHub GHSA, AbuseIPDB, GreyNoise, MalwareBazaar, ThreatFox, and others |
| **Composite risk engine** | Weighted 0–100 score combining CVSS, EPSS, KEV status, and PoC availability |
| **SQLite cache + audit log** | Fast repeat lookups, full tool invocation history |
| **Zero-key start** | 8 tools work with no API keys at all |
| **Outbound HTTPS only** | No inbound ports, no telemetry, private IPs blocked |

Built with Python 3.10+, FastMCP, httpx, aiosqlite, Pydantic v2, and defusedxml.

GitHub: github.com/mukul975/cve-mcp-server

Architecture at a Glance

Claude Desktop / Claude Code (MCP Client)
              │
              │ Model Context Protocol (stdio)
              ▼
       CVE MCP Server (Python)
  ┌─────────────┬──────────────┬───────────────┐
  │ 27 Tools │ Risk Engine │ SQLite Cache │
  └──────┬──────┴──────┬───────┴───────┬───────┘
         │ │ │
         └─────────────┴───────────────┘
                       │
              Async HTTP (httpx)
         Rate Limiter · Response Cache
                       │
         ┌─────────────┼─────────────┐
         ▼ ▼ ▼
   Vulnerability Network Threat
   Intelligence Intelligence Intelligence
   (NVD, EPSS, (Shodan, (VirusTotal,
    KEV, OSV) GreyNoise) MalwareBazaar)

All traffic is outbound HTTPS only. API keys load from environment variables and are never logged. Private and reserved IP ranges are blocked before any network lookup.

The 27 Tools (Organized by Category)

Core Vulnerability Intelligence (8 tools)

| Tool | What It Does |
|------|-------------|
| `lookup_cve` | Full NVD record — CVSS, CWEs, affected products, and vulnerability timeline |
| `search_cves` | Search NVD by keyword, product, severity, or date range |
| `get_epss_score` | EPSS exploitation probability (0–1) and percentile ranking |
| `check_kev_status` | Check whether a CVE is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog |
| `get_cvss_details` | Parse and explain a CVSS v3.1 vector string |
| `get_cwe_info` | Retrieve CWE information from the embedded database |
| `get_cve_references` | Categorize patch, advisory, and exploit reference links |
| `bulk_cve_lookup` | Batch-fetch up to 20 CVEs with parallel enrichment and analysis |

Exploit & Attack Intelligence (4 tools)

| Tool | What It Does |
|------|-------------|
| `search_exploits` | Search GitHub PoCs and exploit repositories for publicly available exploits |
| `get_mitre_techniques` | Map CVEs and CWEs to relevant MITRE ATT&CK techniques |
| `check_poc_availability` | Check multiple sources for proof-of-concept (PoC) exploit availability |
| `get_attack_patterns` | Retrieve CAPEC attack pattern details and associated attack methodologies |

Advanced Risk & Reporting (4 tools)

| Tool | What It Does |
|------|-------------|
| `calculate_risk_score` | Calculate a composite 0–100 risk score based on multiple vulnerability signals |
| `generate_risk_report` | Generate an executive-formatted security risk report |
| `prioritize_cves` | Rank and prioritize CVEs for remediation and triage |
| `get_trending_cves` | Identify trending vulnerabilities based on high EPSS scores and recent KEV additions |

Network Intelligence (4 tools)

| Tool | What It Does |
|------|-------------|
| `lookup_ip_reputation` | Retrieve AbuseIPDB abuse history, reputation score, and confidence level for an IP address |
| `check_ip_noise` | Query GreyNoise to classify IPs based on scanning, attack, and internet background noise activity |
| `shodan_host_lookup` | Retrieve open ports, running services, banners, and associated CVEs from Shodan |
| `passive_dns_lookup` | Access CIRCL passive DNS data for historical DNS resolutions and domain associations |

Threat Intelligence (4 Tools)

| Tool | What It Does |
|------|-------------|
| `virustotal_lookup` | Check a file hash, URL, domain, or IP address against 70+ antivirus and threat intelligence engines |
| `search_malware` | Search MalwareBazaar for malware samples, hashes, and related metadata |
| `search_iocs` | Look up Indicators of Compromise (IOCs) in ThreatFox by malware family or threat actor |
| `check_ransomware` | Check ransomware-related Bitcoin addresses and associated threat intelligence data |

DevSecOps (3 Tools)


| Tool | What It Does |
|------|-------------|
| `scan_dependencies` | Scan software dependencies for known vulnerabilities using OSV.dev vulnerability data |
| `scan_github_advisories` | Search GitHub Security Advisories (GHSA) for vulnerability information and remediation guidance |
| `urlscan_check` | Submit URLs to URLScan.io and retrieve analysis results, screenshots, and threat intelligence data |

Installation: Step by Step

We’ll walk through the full setup — from clone to your first Claude query.

Prerequisites

Python 3.10+ (3.11 or 3.12 recommended)
pip or uv
Git
Claude Desktop or Claude Code

Step 1: Clone the Repository

git clone https://github.com/mukul975/cve-mcp-server.git
cd cve-mcp-server

Step 2: Create a Virtual Environment

macOS / Linux:

python -m venv venv
source venv/bin/activate

Windows (PowerShell):

python -m venv venv
.\venv\Scripts\Activate.ps1

Windows (CMD):

python -m venv venv
venv\Scripts\activate.bat

Step 3: Install Dependencies

pip install -e .

For development with tests:

pip install -e ".[test]"

Faster alternative with uv:

uv venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
uv pip install -e .

Step 4: Verify the Server Starts

python -m cve_mcp.server

You should see the FastMCP server initialize without errors. Press Ctrl+C to stop — we’ll wire it into Claude next.

Step 5: Configure API Keys

API keys are optional for CVE MCP Server. Eight tools work with no keys (EPSS, CISA KEV, OSV.dev, MITRE ATT&CK, CWE lookups, CVSS parsing, Ransomwhere, and NVD at 5 req/30s).

For this guide, we add one key: a GitHub personal access token. It’s free, takes about a minute, and needs no organization details (unlike NVD, which can ask for org info and take longer to approve).

What a GitHub token unlocks:


| Tool | What You Get |
|------|--------------|
| `search_exploits` | Access to public PoC and exploit repositories hosted on GitHub |
| `check_poc_availability` | Multi-source proof-of-concept (PoC) availability checks, including GitHub-based sources |
| `scan_github_advisories` | Access to GitHub Security Advisories (GHSA) for vulnerability research and remediation guidance |

Rate limit: 60 requests/hour without a token → 5,000/hour with a token.

What still works without NVD_API_KEY:

NVD-backed tools (lookup_cve, search_cves, calculate_risk_score, etc.) still work at the free tier: 5 requests per 30 seconds. Fine for blog demos and a few CVEs at a time.

On startup, you’ll still see:

WARNING: NVD_API_KEY not set — using unauthenticated rate limit (5 req/30s)

That’s expected, not an error. Add NVD_API_KEY later when you have it.

Step 5a: Copy the environment file

From your project directory (with venv active):

cd ~/Desktop/cve-mcp-server
source venv/bin/activate
cp .env.example .env

.env is gitignored — your keys stay local and are never committed.

Step 5b: Create a GitHub token

Open github.com/settings/tokens
Generate a new token (classic)
Name it e.g. cve-mcp-server
Expiration: 90 days or “No expiration” (your choice)
Scopes: leave empty — public advisory and code search don’t need repo scopes
Generate and copy the token once (ghp_...)

Step 5c: Edit .env

Open .env in your editor and set:

# Optional — add later for 10× NVD speed (50 req/30s)
NVD_API_KEY=

# Tier 1 — GitHub (this guide)
GITHUB_TOKEN=ghp_your_token_here

# Tier 2 — leave empty unless you need IP/malware demos
ABUSEIPDB_KEY=
VIRUSTOTAL_KEY=
GREYNOISE_API_KEY=
SHODAN_KEY=
URLSCAN_KEY=

Step 5d: Verify the server loads .env

python -m cve_mcp.server

You should see:

NVD warning (OK without NVD key)
KEV catalog loaded with ~1600+ entries
Server running — waiting for MCP client on stdio

Press Ctrl+C to stop.

python-dotenv loads .env automatically when the server runs from the project folder.

Step 6: Connect CVE MCP Server to Claude Code

You installed the server in Steps 1–4 and added a GitHub token in Step 5. Step 6 wires that server into Claude Code so Claude can call all 27 security tools during a session.

You’re using Claude Code (not Claude Desktop) — that’s the right client for this walkthrough.

Why use the project venv Python?

Claude spawns the MCP server as a subprocess. If it uses system python, it may not see cve-mcp-server or your .env.

Use the venv interpreter and set cwd to the project folder so:

cve_mcp is importable
python-dotenv loads .env (including GITHUB_TOKEN)
the KEV catalog and tools start correctly

Step 6a: Register the MCP server

From the project directory:

cd ~/xxxx/cve-mcp-server
source venv/bin/activate

claude mcp add cve-mcp -- \
  /Users/xxxxx/xxxx/cve-mcp-server/venv/bin/python \
  -m cve_mcp.server

Replace the path if your clone lives elsewhere — always use absolute paths.

Verify:

claude mcp list

Expected:

cve-mcp: .../venv/bin/python -m cve_mcp.server
  Scope: Project config (shared via .mcp.json)
  Status: ✓ Connected

Step 6b: Approve the server (one-time)

The first time you open Claude in this project, you may see:

⏸ Pending approval (run `claude` to approve)

Run claude from ~/Desktop/cve-mcp-server
When prompted, trust/approve cve-mcp for this project
Run claude mcp list again — status should be Connected

This is a security gate: Claude won’t run project MCP servers until you explicitly allow them.

Step 6c: Project config (.mcp.json)

Claude Code stores project MCP settings in .mcp.json. Example for macOS:

{
  "mcpServers": {
    "cve-mcp": {
      "command": "/Users/xxxx/xxxx/cve-mcp-server/venv/bin/python",
      "args": ["-m", "cve_mcp.server"],
      "cwd": "/Users/xxxx/xxxx/cve-mcp-server"
    }
  }
}

Notes:

No API keys in JSON if you use .env — keep secrets in .env only
Windows readers: use venv\Scripts\python.exe and a Windows absolute cwd
Commit .mcp.json only if paths are generic or documented; machine-specific paths are often kept local

Alternative: pass GITHUB_TOKEN via CLI

If .env isn’t loaded (unusual when cwd is correct):

claude mcp remove cve-mcp -s project

claude mcp add cve-mcp \
  -e GITHUB_TOKEN=ghp_your_token_here \
  -- /Users/xxxx/xxxx/cve-mcp-server/venv/bin/python \
  -m cve_mcp.server

Step 7: Your First Real Queries (Copy for Medium)

After Steps 1–6, Claude Code is connected to cve-mcp with your GitHub token in .env. Step 7 is where it pays off: one question, many APIs, correlated answers.

Before you ask anything

cd ~/xxxx/cve-mcp-server
Run claude
Approve cve-mcp (pick option 2 — trust for all future sessions in this project)
Confirm: claude mcp list → ✓ Connected

Query 1: Log4Shell triage (free tools + GitHub token)

Prompt:

What is CVE-2021-44228? Is it in CISA KEV? What is the EPSS score? Are there public exploits on GitHub? Be concise and cite tool results.

Tools Claude used (live run):

| Tool | Source |
| ---------------------------- | -------------------------------------------------- |
| `lookup_cve` | NVD (free tier) |
| `check_kev` | CISA Known Exploited Vulnerabilities (KEV) Catalog |
| `get_epss_score` | EPSS (Exploit Prediction Scoring System) |
| `check_exploit_availability` | GitHub (using your personal access token) |

Actual result summary:

CVSS 10.0 CRITICAL — Log4j2 RCE
CISA KEV: Yes — added 2021–12–10, known ransomware use
EPSS: 94.36% (100th percentile)
GitHub PoCs: 7 repos (e.g., Puliczek bypass PoC ★950)
Verdict: Emergency patch priority

No NVD_API_KEY needed for this demo; NVD ran at 5 req/30s.

Query 2: Scan Python dependencies (no keys)

Prompt:

Scan these PyPI packages for vulnerabilities: requests 2.28.0, flask 2.2.0, django 3.2.0. List CVEs found and severity.

Tool: scan_dependencies → OSV.dev (free)

Actual result summary:

## Example Dependency Scan Results

| Package | CVEs | Worst Finding |
|---------|------|---------------|
| `requests` 2.28.0 | 5 | **MEDIUM** (e.g., CVE-2023-32681) → upgrade to ≥ 2.32.4 |
| `flask` 2.2.0 | 3 | **HIGH** CVE-2023-30861 → upgrade to ≥ 2.2.5 |
| `django` 3.2.0 | 55 | **CRITICAL** CVE-2022-34265 (CVSS 9.8), EPSS 92.83% |

Verdict: Upgrade django to the latest 3.2.x LTS immediately.

Query 3: GitHub Security Advisories (uses your token)

Prompt:

Search GitHub security advisories for django in the pip ecosystem. Summarize top findings.

Tool: scan_github_advisories (benefits from GITHUB_TOKEN)

Actual result summary:

~300 advisories spanning 2008–2026
Recent (2025–2026): DoS / algorithmic complexity/timing
High-impact classics: SQLi (CVE-2022–28346, CVE-2020–9402)
Takeaway: Stay on a supported Django LTS

Conclusion

CVE triage used to mean a dozen browser tabs and mental glue work — NVD, EPSS, CISA KEV, GitHub, and more. In this walkthrough we installed CVE MCP Server (open source, by Mahipal Jangra) and wired it into Claude Code so Claude can call 27 tools across 21 data sources over a single protocol.

You cloned the repo, created a venv, installed the package, confirmed the server starts, added a GitHub token (without waiting on NVD approval), approved the MCP server in Claude Code, and ran three real queries:

Log4Shell — CVSS, KEV, EPSS, and public PoCs in one answer
PyPI dependency scan — no extra API keys
Django GitHub advisories — powered by your GitHub token

That’s the point: one question, correlated intelligence, seconds instead of minutes per CVE.

What to do next

Keep using it — Paste CVE IDs, requirements.txt lines, or suspicious IPs into Claude and let the server orchestrate lookups.
Add NVD_API_KEY when you can — Free from NIST; removes the 5 req/30s limit and speeds up NVD-heavy workflows.
Add Tier 2 keys only if you need them — AbuseIPDB, GreyNoise, Shodan, VirusTotal for IP and malware demos.
Star the repo if this saved you time: github.com/mukul975/cve-mcp-server — contributions and issues are welcome on the upstream project.
Report bugs upstream — Installation problems in this post vs bugs in the server itself; the latter belong on the project’s GitHub.

A note on scope

CVE MCP Server is read-only intelligence — it does not scan your network or exploit targets. API keys stay in .env; use redacted values in screenshots and posts. All traffic is outbound HTTPS; private IPs are blocked on network tools.

GARS-2026

If you use agentic AI in security workflows, consider the GARS-2026 (Global Agentic AI Readiness Survey) — 60 questions, anonymous, supervised by SRH Berlin. It measures how ready teams are for MCP, tool calling, and human-in-the-loop security automation.

Survey: mahipal.engineer/survey

Closing line

Security work shouldn’t require fifteen tabs for one CVE. CVE MCP Server turns that workflow into a conversation — and after Steps 1–7, you’ve got it running on your machine.

This was an independent setup guide. Credit for the project goes to Mahipal Jangra. MIT licensed.