Cross-source cybersecurity vulnerability intelligence combining NIST NVD CVE data, CISA Known Exploited Vulnerabilities, and EPSS exploit probability scores into unified risk assessments. Essential for security teams and AI-assisted vulnerability triage workflows.
This MCP Bundle Server is compatible with any MCP client including Claude Desktop, Cursor, and other Model Context Protocol implementations.
Get a frequency breakdown of weakness types (CWEs) across all CISA KEV entries. Shows which vulnerability classes are most commonly exploited in the w...
Find CISA KEV entries with past-due or upcoming federal remediation deadlines. Overdue entries represent federally mandated patches that haven't been ...
Look up a specific CVE in the CISA Known Exploited Vulnerabilities catalog. Returns full KEV entry details including the required remediation action, ...
Get a KEV exposure breakdown for a specific vendor β how many actively exploited vulnerabilities affect each of their products, and which products hav...
Get CISA KEV entries that are linked to known ransomware campaigns. These are the highest-priority vulnerabilities β actively exploited AND used by ra...
Get the most recently added vulnerabilities to the CISA KEV catalog. Results are sorted newest-first. Use days_back to control the lookback window. Cr...
Search the CISA KEV catalog by vendor, product, vulnerability name, or keyword. Case-insensitive full-text search across all fields. Use ransomware_on...
Get a summary of the CISA Known Exploited Vulnerabilities catalog: total count, catalog version, date released, how many were added in the last 7/30/9...
Check a list of CVEs from a vulnerability scan against the CISA KEV catalog. Returns which CVEs are confirmed actively exploited (in KEV), which are n...
Discover the most exploitable CVEs by EPSS score. Filter by minimum/maximum exploit probability to find vulnerabilities most likely to be exploited in...
Generate a threat landscape report showing how many CVEs fall into each EPSS risk band (CRITICAL/HIGH/MEDIUM/LOW). Provides total counts at each thres...
Get the EPSS exploit prediction score for a CVE at a specific historical date. Useful for understanding how exploit risk has evolved, or for retrospec...
Find CVEs by EPSS percentile ranking. The percentile shows where a CVE ranks relative to all other scored CVEs. A percentile of 0.99 means the CVE has...
Get the 30-day EPSS score trend for a specific CVE. Shows how the exploit prediction probability has changed over the past month. Useful for identifyi...
Look up EPSS exploit prediction scores for one or more CVEs. Returns the probability (0-1) that each CVE will be exploited in the wild within 30 days,...
Search the EPSS database by CVE ID pattern. Find all scored CVEs matching a text pattern β useful for year-based analysis (e.g., 'CVE-2025'), vendor-r...
Triage a list of CVEs from a vulnerability scan by exploit probability. Pass in CVE IDs from a scan report and get back a prioritized remediation plan...
Manage your technology stack profile. The server remembers what you run and flags CVEs that affect your technologies in every response. Actions: add (...
Manage your CVE watchlist. The server tracks EPSS score changes and KEV status for watched CVEs and reports deltas in every lookup and briefing. Actio...
Find CVEs affecting a specific product using its exact CPE name from the NVD database. CPE format: cpe:2.3:part:vendor:product:version:*:*:*:*:*:*:* w...
Search the NIST NVD for CVEs by CVSS v3 severity (LOW, MEDIUM, HIGH, CRITICAL) with optional keyword and recency filters. Use keyword_search to narrow...
Search the NIST NVD for CVEs by CWE weakness type with optional severity and recency filters. Common CWE IDs: CWE-79 (XSS), CWE-89 (SQL Injection), CW...
Get the complete change history for a specific CVE from the NIST NVD. Shows when and how the CVE was modified β including analysis updates, CVSS chang...
Get CVEs in the CISA KEV catalog with full NVD CVSS scoring details. These are actively exploited vulnerabilities federal agencies must remediate. Use...
Look up a specific CVE by its ID from the NIST National Vulnerability Database. Returns full details including CVSS scores, description, affected prod...
Get recently published or modified CVEs from the NIST NVD. Defaults to the last 7 days of modified CVEs. Use pub_or_mod to switch between filtering by...
Search the NIST NVD for CVEs by keyword with optional severity and recency filters. Combine keyword + cvss_v3_severity + days_back for targeted querie...
Triage scanner output β paste Trivy JSON, Grype JSON, CSV, or any text containing CVE IDs. Extracts all CVE IDs, queries NVD + CISA KEV + EPSS for eac...
Full cross-source vulnerability analysis: NVD CVE details + EPSS exploit probability + CISA KEV status + composite risk score. Fetches all three sourc...
Open the interactive Vulnerability Intelligence dashboard. Shows CVE details, EPSS exploit probability scores, CISA KEV status, and composite risk ass...
Connect this Vulnerability Intelligence MCP Bundle Server to any MCP client in minutes
Compatible with Claude Desktop, Cursor, and all Model Context Protocol clients
Model Context Protocol lets AI tools call external capabilities securely through a single URL. This bundle groups tools behind an MCP endpoint that many clients can use.
Skip the manual setup! Use the .mcpb file format for one-click installation. Check the Claude Desktop tab for setup instructions.
Select ChatGPT, Cursor, Claude Code, or another tab for copy-paste config.