MCP server for CIRCL CVE Search API with intelligent risk assessment and comprehensive vulnerability analysis.
# CIRCL CVE SEARCH MCP Server
A Model Context Protocol (MCP) server for accessing the CIRCL CVE SEARCH API, providing comprehensive vulnerability and security information.
## Features
This MCP server provides reliable tools to access:
- **CVE Information**: Get detailed information about specific Common Vulnerabilities and Exposures
- **Vendor Browsing**: Browse CVEs by vendor name to discover security issues in specific vendors' products
- **CWE Information**: Get Common Weakness Enumeration information for understanding vulnerability types
- **CAPEC Information**: Get Common Attack Pattern Enumeration and Classification data for understanding attack methods
## Key Improvements
- **Retry Logic**: Automatic retry with exponential backoff for reliable API calls
- **Enhanced Formatting**: Structured, readable response formatting with key information highlighted
- **Better Error Handling**: Clear, actionable error messages with troubleshooting guidance
- **Input Validation**: Comprehensive validation and sanitization of all inputs
## Installation
```bash
npm install @cyreslab/circl-cve-search-mcp-server
```
## Usage
Add this server to your MCP client configuration:
```json
{
"mcpServers": {
"circl-cve-search": {
"command": "npx",
"args": ["@cyreslab/circl-cve-search-mcp-server"]
}
}
}
```
## Available Tools
### get_cve
Get detailed information about a specific CVE by its ID.
**Parameters:**
- `cve_id` (required): CVE identifier (e.g., "CVE-2021-44228")
**Example:**
```json
{
"name": "get_cve",
"arguments": {
"cve_id": "CVE-2021-44228"
}
}
```
**Response Format:**
- Structured CVE data with key information highlighted
- Summary, publication dates, CVSS scores
- Associated weakness types (CWE) and reference counts
- Full raw data for detailed analysis
### browse_vendor
Browse CVEs by vendor name to discover security issues in specific vendors' products.
**Parameters:**
- `vendor` (required): Vendor name (e.g., "apache",