An open-source MCP server transforms Claude AI into a security analyst with 27 tools spanning 21 APIs for CVE lookup, EPSS scoring, and KEV checks.
A new open-source project called CVE MCP Server is redefining how security teams triage vulnerabilities, transforming Anthropic’s Claude AI into a fully capable security analyst by giving it direct access to 27 intelligence tools spanning 21 external APIs through a single natural-language query. Every security analyst knows the painful reality of opening a dozen browser tabs to triage a single CVE, and EPSS v4 research shows that 96% of CVE alerts below an exploitation threshold go completely uninvestigated due to manual workload alone.
Released on GitHub by developer Mahipal, the server implements Anthropic’s Model Context Protocol and integrates Claude with tools organized into five categories: Core Vulnerability Intelligence (NVD, EPSS, CISA KEV), Exploit & Attack Intelligence (MITRE ATT&CK, GitHub PoC, Exploit-DB, CAPEC), Network Intelligence (AbuseIPDB, GreyNoise, Shodan, CIRCL Passive DNS), Threat Intelligence (VirusTotal, MalwareBazaar, ThreatFox, Ransomwhere), and Advanced Risk & Reporting with a weighted risk scoring formula. The formula weights EPSS probability at 35%, CISA KEV status at 30%, CVSS at 20%, and PoC availability at 15%.
Eight tools require zero API keys, including EPSS, CISA KEV, OSV.dev, MITRE ATT&CK, CWE lookups, and Ransomwhere. Teams can deploy immediately and progressively add API keys for expanded throughput. The server also addresses supply chain security with DevSecOps tools for scanning dependencies against OSV.dev and GitHub Security Advisories.
A score of 76-100 triggers a CRITICAL label requiring patching within 24-48 hours. The server is available at github.com/mukul975/cve-mcp-server under an open-source license.
Source: Cyber Security News — CVE MCP Server Turns Claude Into a Fully Capable Security Analyst With
