Get the FREE Ultimate OpenClaw Setup Guide →

mcp-nvd

MCP server that retrieves CVE information

Installation
Run this command in your terminal to add the MCP server to Claude Code.
Run in terminal:
View docs
Command
claude mcp add --transport stdio gkhays-mcp-nvd-server uvx mcp-nvd \
  --env NVD_API_KEY="your NVD API key (optional but recommended)"

How to use

The MCP NVD Server is a Python-based MCP server that retrieves and serves CVE information from the National Vulnerability Database (NVD). It is intended to be used within the MCP ecosystem to provide up-to-date vulnerability data to clients and tools that rely on standardized CVE information. After starting the server with the uvx-based command, you can query and retrieve CVE details, descriptions, and references through the MCP interface and tooling. If you have access to the MCP Inspector, you can validate and inspect the MCP-NVD server’s behavior by launching the inspector against the running server to observe incoming requests and responses in real time.

How to install

Prerequisites:

  • uv (Python/uv) for dependency management and building
  • Node.js (for MCP Inspector and related tooling)

Installation steps:

  1. Install prerequisites (Node.js and uv):

  2. Synchronize dependencies with uv: uv sync

  3. Run or test locally (example with MCP Inspector for debugging): npx @modelcontextprotocol/inspector uv --directory /path/to/mcp-nvd run mcp-nvd

  4. (Optional) Obtain an NVD API key for higher rate limits and add it to the environment when running the server as needed.

Note: The server is designed to work within the MCP ecosystem and may require additional configuration in your environment to expose endpoints or integrate with a client workflow.

Additional notes

Tips and common considerations:

  • An NVD API key can significantly increase rate limits; set it via environment variable NVD_API_KEY if available.
  • The README indicates the project uses uv for dependency management; using uv sync is the recommended first step.
  • If you encounter rate-limiting when querying NVD, consider supplying an API key or caching CVE data locally where appropriate.
  • When using MCP Inspector, you can validate request/response formats and schemas to ensure compatibility with your MCP clients.
  • Ensure your environment has Python 3.12+ as indicated by the project badge; keep dependencies up to date to avoid security issues.

Related MCP Servers

mcp-sandbox

36

Python sandboxes for llms

ez

31

The easiest path to getting an MCP server going

claude_autoapprove_mcp

27

An MCP server to inject auto-approve MCP functionality into Claude Desktop

aviationstack

16

An MCP server using the AviationStack API to fetch real-time flight data including airline flights, airport schedules, future flights and aircraft types ✈️.

pwndbg

15

An MCP tool endows AI agent with the capability to debug ELF

Youtube

11

YouTube MCP Server is an AI-powered solution designed to revolutionize your YouTube experience. It empowers users to search for YouTube videos, retrieve detailed transcripts, and perform semantic searches over video content—all without relying on the official API. By integrating with a vector database, this server streamlines content discovery.

Sponsor this space

Reach thousands of developers