mcp-nvd (marcoeg)
MCP server to query the NIST National Vulnerability Database (NVD) CVE API.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for mcp-nvd (marcoeg), derived from its capabilities.
AIVSS 4.9 ยท Medium
View MAESTRO 7-layer threat model โOverview
mcp-nvd is a focused MCP server that lets agents query the NIST National Vulnerability Database via its official API for CVE details, CVSS scores, and metadata. It is a clean single-purpose vulnerability-lookup tool for LLM consumption. Its surface is mostly read-only external data, so the main concern is returning attacker-influenced CVE descriptions into the model.
Key features
- Direct NVD CVE API queries
- CVSS scores and CVE metadata
- Single-purpose, lightweight
Use cases
- Look up a CVE's details and severity
- Feed vulnerability data into an agent workflow