Vulnerability Intelligence MCP server

The MCP Vulnerability Checker Server provides comprehensive security vulnerability intelligence tools through the Model Context Protocol (MCP). This server integrates multiple security databases and APIs to deliver CVE lookups, EPSS scoring, CVSS calculations, exploit detection, and Python package vulnerability checking.

Using the Hosted Server

Claude Desktop Configuration

Add this configuration to your Claude Desktop settings file (~/.config/claude/claude_desktop_config.json):

{
  "mcpServers": {
    "vulnerability-intelligence": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-fetch"],
      "env": {
        "FETCH_URL": "https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse"
      }
    }
  }
}

Cursor IDE Configuration

Add this configuration to your Cursor MCP settings file (~/.cursor/mcp.json):

{
  "mcpServers": {
    "vulnerability-intelligence": {
      "url": "https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse"
    }
  }
}

Alternatively, in Cursor IDE:

• Open Cursor Settings → Features → MCP Servers
• Click "Add New Server"
• Select "Server-Sent Events (SSE)" as the type
• Enter URL: https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse
• Give it a name: vulnerability-intelligence

Test the Connection

Once configured, try these example queries in Claude or Cursor:

• CVE Lookup: "Look up CVE-2021-44228" (Log4Shell vulnerability)
• EPSS Score: "Get EPSS score for CVE-2021-44228"
• Package Check: "Check the 'requests' Python package for vulnerabilities"
• Exploit Check: "Check for exploits for CVE-2021-44228"
• CVSS Calculator: "Calculate CVSS score for vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"

Available Security Tools

CVE Vulnerability Lookup (cve_lookup)

• Purpose: Fetches detailed vulnerability information from the National Vulnerability Database (NVD)
• Data Source: NIST National Vulnerability Database API 2.0
• Usage: cve_lookup cve_id="CVE-2021-44228"
• Features:
  • CVSS scores (v2.0, v3.0, v3.1) with severity ratings
  • Comprehensive vulnerability descriptions
  • References, advisories, and remediation links
  • CWE (Common Weakness Enumeration) mappings
  • Publication and modification timeline
  • Affected product configurations

EPSS Score Lookup (get_epss_score)

• Purpose: Get Exploit Prediction Scoring System (EPSS) scores for CVEs
• Data Source: FIRST EPSS API
• Usage: get_epss_score cve_id="CVE-2021-44228"
• Features:
  • Probability of exploitation within 30 days
  • AI-powered risk prioritization
  • Real-time threat intelligence integration
  • Percentile rankings for relative risk assessment

CVSS Score Calculator (calculate_cvss_score)

• Purpose: Calculate CVSS base scores from vector strings
• Data Source: CVSS v3.0/v3.1 specification
• Usage: calculate_cvss_score vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
• Features:
  • Support for CVSS v3.0 and v3.1
  • Detailed metric breakdown
  • Severity level mapping (Critical, High, Medium, Low)
  • Vector string validation and parsing

Vulnerability Search (search_vulnerabilities)

• Purpose: Search vulnerability databases with advanced filtering
• Data Source: Multiple vulnerability databases (NVD, CVE)
• Usage: search_vulnerabilities keywords="apache" severity="HIGH" date_range="1y"
• Features:
  • Keyword-based search across vulnerability descriptions
  • Severity filtering (CRITICAL, HIGH, MEDIUM, LOW)
  • Date range filtering (30d, 90d, 1y, 2y, or custom)
  • Advanced query capabilities for threat research

Exploit Availability Check (get_exploit_availability)

• Purpose: Check for public exploits and proof-of-concepts (PoCs)
• Data Source: ExploitDB, Metasploit, GitHub, security advisories
• Usage: get_exploit_availability cve_id="CVE-2021-44228"
• Features:
  • Multi-source exploit detection
  • Active exploitation indicators
  • PoC code availability assessment
  • Threat intelligence aggregation

Vulnerability Timeline (get_vulnerability_timeline)

• Purpose: Get comprehensive timeline and patch status information
• Data Source: NVD, vendor advisories, security bulletins
• Usage: get_vulnerability_timeline cve_id="CVE-2021-44228"
• Features:
  • Publication and disclosure timeline
  • Patch availability status
  • Vendor advisory tracking
  • Remediation guidance timeline

VEX Status Check (get_vex_status)

• Purpose: Check Vulnerability Exploitability eXchange (VEX) status for specific products
• Data Source: Vendor VEX statements and product security advisories
• Usage: get_vex_status cve_id="CVE-2021-44228" product="Apache HTTP Server"
• Features:
  • Product-specific impact assessment
  • Vendor-provided exploitability statements
  • False positive filtering
  • Supply chain impact analysis

Python Package Vulnerability Check (package_vulnerability_check)

• Purpose: Checks Python packages for known security vulnerabilities
• Data Source: OSV (Open Source Vulnerabilities) Database + PyPI
• Usage: package_vulnerability_check package_name="requests" version="2.25.1"
• Features:
  • Comprehensive vulnerability scanning for PyPI packages
  • Version-specific or all-versions checking
  • Detailed vulnerability reports with severity scores
  • Affected version ranges and fix information
  • Integration with CVE, GHSA, and PYSEC databases
  • Package metadata from PyPI

Alternative Setup Methods

Docker Setup (Recommended for Local Development)

• Initial setup:

# Clone the repository
git clone https://github.com/firetix/vulnerability-intelligence-mcp-server
cd vulnerability-intelligence-mcp-server

# Create environment file
cp .env.example .env

• Build and run using Docker Compose:

# Build and start the server
docker compose up --build -d

# View logs
docker compose logs -f

# Check server status
docker compose ps

# Stop the server
docker compose down

The server will be available at: http://localhost:8000/sse

Connect to Cursor IDE:

• Open Cursor Settings → Features
• Add new MCP server
• Type: Select "sse"
• URL: Enter http://localhost:8000/sse

Local Development Setup

• Install the uv package manager:

# Install uv on macOS
brew install uv
# Or install via pip (any OS)
pip install uv

• Install dependencies and run:

# Install the package with development dependencies
uv pip install -e ".[dev]"

# Using stdio transport (default)
uv run mcp-simple-tool

# Using SSE transport on custom port
uv run mcp-simple-tool --transport sse --port 8000

Environment Variables

Available environment variables (can be set in .env):

• MCP_SERVER_PORT (default: 8000) - Port to run the server on
• MCP_SERVER_HOST (default: 0.0.0.0) - Host to bind the server to
• DEBUG (default: false) - Enable debug mode
• MCP_USER_AGENT - Custom User-Agent for HTTP requests

Deploy Your Own Instance

If you want to deploy your own instance of the vulnerability intelligence server, you can use Heroku for quick deployment:

After deployment, your instance will be available at: https://your-app-name.herokuapp.com/sse

Configure your MCP client to use your deployed instance:

• For Claude Desktop: Update the FETCH_URL in your configuration
• For Cursor IDE: Update the URL in your MCP settings

Test your deployment with the same example queries as mentioned in the "Test the Connection" section.

How to install this MCP server

For Claude Code

To add this MCP server to Claude Code, run this command in your terminal:

claude mcp add-json "vulnerability-intelligence" '{"url":"https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse"}'

See the official Claude Code MCP documentation for more details.

For Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "vulnerability-intelligence": {
            "url": "https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse"
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.

For Claude Desktop

To add this MCP server to Claude Desktop:

1. Find your configuration file:

• macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %APPDATA%\Claude\claude_desktop_config.json
• Linux: ~/.config/Claude/claude_desktop_config.json

2. Add this to your configuration file:

{
    "mcpServers": {
        "vulnerability-intelligence": {
            "url": "https://vulnerability-intelligence-mcp-server-edb8b15494e8.herokuapp.com/sse"
        }
    }
}

3. Restart Claude Desktop for the changes to take effect