Skip to main content

Model Context Protocol (MCP) server for the CVEFeed.io vulnerability intelligence API

Project description

cvefeed-mcp

Model Context Protocol (MCP) server for the CVEFeed.io vulnerability intelligence API. Gives Claude Desktop, Cursor, Cline, and any other MCP-aware agent direct access to CVE search, project subscriptions, and vulnerability alerts.

Install

pip install cvefeed-mcp
# or
uvx cvefeed-mcp

Authenticate

Create a Project API Token at https://cvefeed.io/project/settings/api-tokens/, copy it, and export it alongside the numeric id of the project the token was issued for:

export CVEFEED_API_TOKEN=cvefeed_XXXXXXXX_...
export CVEFEED_PROJECT_ID=42

Each token is bound to exactly one project — one MCP install targets one project. The project id is the integer in your project dashboard URL (/project/detail/<slug>/; the numeric id is also shown in the project settings page).

Recommended scopes for full MCP functionality

MCP tools span four resource scopes. Grant read on every resource the agent may touch so it doesn't hit an "insufficient scope" error mid-task:

  • vulnerabilities: read — CVE / CPE / CVEQL / EPSS discovery tools
  • subscriptions: read (or write to let the agent add / remove product subscriptions)
  • alerts: read (or write to let the agent mark alerts as read)
  • activity_log: read — Enterprise only; required by read_project_activity_log

write implies read, so you don't need to tick both on the same resource.

Optionally override the base URL for staging or self-hosted deployments:

export CVEFEED_BASE_URL=https://cvefeed.io   # default

Use with Claude Desktop

Add to your ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or equivalent:

{
  "mcpServers": {
    "cvefeed": {
      "command": "uvx",
      "args": ["cvefeed-mcp"],
      "env": {
        "CVEFEED_API_TOKEN": "cvefeed_XXXXXXXX_...",
        "CVEFEED_PROJECT_ID": "42"
      }
    }
  }
}

Use with Cursor / Cline

Same MCP server config format — point command at cvefeed-mcp (or uvx cvefeed-mcp) and set CVEFEED_API_TOKEN + CVEFEED_PROJECT_ID in the env block.

Available tools

Tool Purpose Auth required
search_cves Full-text and filter search over the CVE catalog Optional
get_cve_detail Fetch full metadata for a single CVE Optional
run_cveql_query Execute a CVEQL query for advanced hunting Optional
lookup_by_cpe Resolve CPE 2.3 URIs to CVEs/products/vendors Pro tier
get_exploit_intel Public exploits and EPSS scores Pro tier
list_product_subscriptions List subscriptions on the configured project subscriptions:read
add_product_subscription Subscribe the project to a product subscriptions:write
remove_product_subscription Unsubscribe from a product subscriptions:write
search_products Search products with subscription status subscriptions:read
list_project_alerts Read vulnerability alerts on the project alerts:read
mark_alert_read Mark an alert as read alerts:write
read_project_activity_log Read project audit log activity_log:read, Enterprise

Every project-scoped tool targets the single project set via CVEFEED_PROJECT_ID; the LLM never passes a project id.

Local development

cd mcp-server
pip install -e ".[dev]"
pytest -v

Transport

Ships stdio transport only (what Claude Desktop, Cursor, and Cline expect). Remote streamable-HTTP transport may follow in a later release.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cvefeed_mcp-0.1.0.tar.gz (19.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cvefeed_mcp-0.1.0-py3-none-any.whl (14.0 kB view details)

Uploaded Python 3

File details

Details for the file cvefeed_mcp-0.1.0.tar.gz.

File metadata

  • Download URL: cvefeed_mcp-0.1.0.tar.gz
  • Upload date:
  • Size: 19.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for cvefeed_mcp-0.1.0.tar.gz
Algorithm Hash digest
SHA256 c67cd8f227a766f0b0e590c1e094186a9ea1688ae00de0502df673b714f4aeed
MD5 7f52e308dad9666b8fbfe1f8f20e2b23
BLAKE2b-256 2c4c4d463730d8fe1b58085f468c7e2c0e6b4546104dae7e52477e0928928f1f

See more details on using hashes here.

Provenance

The following attestation bundles were made for cvefeed_mcp-0.1.0.tar.gz:

Publisher: release.yml on cvefeed/cvefeed-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file cvefeed_mcp-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: cvefeed_mcp-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 14.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for cvefeed_mcp-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 fcaddf9bb0b75d7ada70caae0bc158ddadea10e93488071ed5e27f6c4ed9a981
MD5 a477443c66b4359b5557657ad22b751d
BLAKE2b-256 4a4b9c610f1582b4c1215b7e9a08a504bb80d95e39e0f373236fe84bbeaa8571

See more details on using hashes here.

Provenance

The following attestation bundles were made for cvefeed_mcp-0.1.0-py3-none-any.whl:

Publisher: release.yml on cvefeed/cvefeed-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page