cve-search_mcp (roadwy)
MCP server for querying the CVE-Search API for vulnerability and CPE data.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for cve-search_mcp (roadwy), derived from its capabilities.
AIVSS 4.5 ยท Medium
View MAESTRO 7-layer threat model โOverview
cve-search_mcp exposes the CVE-Search API to MCP clients so agents can query CVEs, CPEs, and related vulnerability data. It is an alternative NVD-independent source for vulnerability lookups. Read-only external data, so the primary risk is untrusted-content injection via CVE text.
Key features
- CVE-Search API queries
- CVE and CPE lookups
- Alternative to NVD-direct servers
Use cases
- Query CVE details via CVE-Search
- Resolve CPE to known vulnerabilities