Model Context Protocol (MCP) server for the CVEFeed.io vulnerability intelligence API
Project description
cvefeed-mcp
Model Context Protocol (MCP) server for the CVEFeed.io vulnerability intelligence API. Gives Claude Desktop, Cursor, Cline, and any other MCP-aware agent direct access to CVE search, project subscriptions, and vulnerability alerts.
Install
pip install cvefeed-mcp
# or
uvx cvefeed-mcp
Authenticate
Create a Project API Token at https://cvefeed.io/project/settings/api-tokens/, copy it, and export it alongside the numeric id of the project the token was issued for:
export CVEFEED_API_TOKEN=cvefeed_XXXXXXXX_...
export CVEFEED_PROJECT_ID=42
Each token is bound to exactly one project — one MCP install targets one project. The project id is the integer in your project dashboard URL (/project/detail/<slug>/; the numeric id is also shown in the project settings page).
Recommended scopes for full MCP functionality
MCP tools span four resource scopes. Grant read on every resource the agent may touch so it doesn't hit an "insufficient scope" error mid-task:
vulnerabilities: read— CVE / CPE / CVEQL / EPSS discovery toolssubscriptions: read(orwriteto let the agent add / remove product subscriptions)alerts: read(orwriteto let the agent mark alerts as read)activity_log: read— Enterprise only; required byread_project_activity_log
write implies read, so you don't need to tick both on the same resource.
Optionally override the base URL for staging or self-hosted deployments:
export CVEFEED_BASE_URL=https://cvefeed.io # default
Use with Claude Desktop
Add to your ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or equivalent:
{
"mcpServers": {
"cvefeed": {
"command": "uvx",
"args": ["cvefeed-mcp"],
"env": {
"CVEFEED_API_TOKEN": "cvefeed_XXXXXXXX_...",
"CVEFEED_PROJECT_ID": "42"
}
}
}
}
Use with Cursor / Cline
Same MCP server config format — point command at cvefeed-mcp (or uvx cvefeed-mcp) and set CVEFEED_API_TOKEN + CVEFEED_PROJECT_ID in the env block.
Available tools
| Tool | Purpose | Auth required |
|---|---|---|
search_cves |
Full-text and filter search over the CVE catalog | Optional |
get_cve_detail |
Fetch full metadata for a single CVE | Optional |
run_cveql_query |
Execute a CVEQL query for advanced hunting | Optional |
lookup_by_cpe |
Resolve CPE 2.3 URIs to CVEs/products/vendors | Pro tier |
get_exploit_intel |
Public exploits and EPSS scores | Pro tier |
list_product_subscriptions |
List subscriptions on the configured project | subscriptions:read |
add_product_subscription |
Subscribe the project to a product | subscriptions:write |
remove_product_subscription |
Unsubscribe from a product | subscriptions:write |
search_products |
Search products with subscription status | subscriptions:read |
list_project_alerts |
Read vulnerability alerts on the project | alerts:read |
mark_alert_read |
Mark an alert as read | alerts:write |
read_project_activity_log |
Read project audit log | activity_log:read, Enterprise |
Every project-scoped tool targets the single project set via CVEFEED_PROJECT_ID; the LLM never passes a project id.
Local development
cd mcp-server
pip install -e ".[dev]"
pytest -v
Transport
Ships stdio transport only (what Claude Desktop, Cursor, and Cline expect). Remote streamable-HTTP transport may follow in a later release.
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cvefeed_mcp-0.1.0.tar.gz.
File metadata
- Download URL: cvefeed_mcp-0.1.0.tar.gz
- Upload date:
- Size: 19.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c67cd8f227a766f0b0e590c1e094186a9ea1688ae00de0502df673b714f4aeed
|
|
| MD5 |
7f52e308dad9666b8fbfe1f8f20e2b23
|
|
| BLAKE2b-256 |
2c4c4d463730d8fe1b58085f468c7e2c0e6b4546104dae7e52477e0928928f1f
|
Provenance
The following attestation bundles were made for cvefeed_mcp-0.1.0.tar.gz:
Publisher:
release.yml on cvefeed/cvefeed-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cvefeed_mcp-0.1.0.tar.gz -
Subject digest:
c67cd8f227a766f0b0e590c1e094186a9ea1688ae00de0502df673b714f4aeed - Sigstore transparency entry: 1350854650
- Sigstore integration time:
-
Permalink:
cvefeed/cvefeed-mcp@4a494dad0979ad62b5ec55f079e6c127196493ee -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/cvefeed
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@4a494dad0979ad62b5ec55f079e6c127196493ee -
Trigger Event:
push
-
Statement type:
File details
Details for the file cvefeed_mcp-0.1.0-py3-none-any.whl.
File metadata
- Download URL: cvefeed_mcp-0.1.0-py3-none-any.whl
- Upload date:
- Size: 14.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fcaddf9bb0b75d7ada70caae0bc158ddadea10e93488071ed5e27f6c4ed9a981
|
|
| MD5 |
a477443c66b4359b5557657ad22b751d
|
|
| BLAKE2b-256 |
4a4b9c610f1582b4c1215b7e9a08a504bb80d95e39e0f373236fe84bbeaa8571
|
Provenance
The following attestation bundles were made for cvefeed_mcp-0.1.0-py3-none-any.whl:
Publisher:
release.yml on cvefeed/cvefeed-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cvefeed_mcp-0.1.0-py3-none-any.whl -
Subject digest:
fcaddf9bb0b75d7ada70caae0bc158ddadea10e93488071ed5e27f6c4ed9a981 - Sigstore transparency entry: 1350854747
- Sigstore integration time:
-
Permalink:
cvefeed/cvefeed-mcp@4a494dad0979ad62b5ec55f079e6c127196493ee -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/cvefeed
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@4a494dad0979ad62b5ec55f079e6c127196493ee -
Trigger Event:
push
-
Statement type: