mcp-cve-intelligence-server-lite
Lite Model Context Protocol server for comprehensive CVE intelligence gathering with multi-source exploit discovery, designed for security professionals and cybersecurity researchers
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [0.1.0] - 2025-08-04
### Added - MCP CVE Intelligence Server Lite - First Stable Release
> **Note**: This is the **first stable release** of the MCP CVE Intelligence Server **Lite**, providing production-ready CVE intelligence capabilities through the Model Context Protocol. This lite version focuses on essential features with streamlined functionality.
#### Core CVE Intelligence Features (7 MCP Tools - Lite Version)
- **Advanced CVE Search** (`searchCves`): Multi-source CVE data aggregation with comprehensive filtering and intelligent date-based recommendations
- **Detailed CVE Information** (`getCveDetails`): Full CVSS v4/v3/v2 metrics, affected products, and exploit references
- **Trending Analysis** (`getTrendingCves`): CVE trending based on severity, age, and exploit indicators with intelligent scoring
- **EPSS Risk Scoring** (`calculateEpssScores`): Environmental context-aware vulnerability prioritization with exploit prediction
- **Professional Reports** (`generateCveReport`): Technical penetration testing reports in multiple formats (Markdown, JSON, summary)
- **Product Discovery** (`searchByCpe`): CPE-based vulnerability discovery for specific products and versions
- **Health Monitoring** (`getSourceHealth`): Data source availability, performance tracking, and status diagnostics
#### CVE Data Sources (3 Implemented - Lite Configuration)
- **NVD (National Vulnerability Database)**: Primary CVE data source with CVSS metrics and CPE matching
- **MITRE CVE Records**: Authoritative CVE information with official assignments and CWE mappings
- **GitHub Security Advisories**: Modern vulnerability advisories with ecosystem-specific data
#### Exploit Intelligence System (Lite Pattern Detection)
- **Pattern-Based Detection**: Automatic detection from CVE references using streamlined pattern matching
- **Essential Coverage**: Support for Exploit-DB, Metasploit, PacketStorm, GitHub PoCs, Nuclei, and Nmap
- **Intelligence Analysis**: Intelligent parsing of CVE references with verification and context
- **Performance Optimized**: Pre-calculated exploit indicators during data normalization for fast access
#### Enterprise-Ready Features (Lite Edition)
- **Dual Transport Support**: HTTP REST API mode and MCP stdio transport for flexible integration
- **Health Monitoring**: Essential endpoints with source diagnostics
- **Performance Optimized**: Built-in timing metrics and intelligent caching
- **Flexible Authentication**: Multi-API key support with automatic fallback and rate limit management
- **Docker Ready**: Containerization with multi-stage builds and health checks
- **Security Hardened**: Non-root containers, input sanitization, and secure error handling
#### Technical Foundation
- **TypeScript Excellence**: Fully typed codebase with strict mode, comprehensive error handling, and modern ES modules
- **Robust Error Handling**: Exponential backoff retry logic, intelligent failure recovery, and graceful degradation
- **Configuration Management**: Flexible multi-source configuration via `cve-sources.json` with hot-reload support
- **Structured Logging**: Winston-based logging with performance timing, context tracking, and multiple output formats
- **Comprehensive Validation**: Zod schema validation for all inputs with detailed error reporting and sanitization
#### Documentation & Community
- **Complete Documentation**: Comprehensive README with setup guides and usage examples
- **Contributing Guidelines**: Detailed development workflow and contribution standards
- **Security Policy**: Vulnerability reporting procedures and security best practices
- **MIT License**: Open source licensing for broad compatibility and community adoption
- **Code Quality**: ESLint configuration with TypeScript best practices and automated checks
### Improvements from Alpha to Stable
- **API Stabilization**: All MCP tool interfaces are now stable and production-ready
- **Enhanced Error Handling**: Improved error messages and graceful failure recovery
- **Performance Optimization**: Better caching and request handling
- **Documentation Polish**: Complete documentation with all examples and guides
- **Security Hardening**: Enhanced input validation and secure error handling
- **Production Ready**: Stable configuration and deployment scripts
### Known Limitations (Lite Stable Release)
- **Lite Version**: This is a streamlined lite edition focused on core CVE intelligence features
- **In-Memory Processing**: No persistent data storage in this lite version
- **Essential Pattern Detection**: Exploit detection uses reference pattern matching (no active scanning)
- **Public APIs Only**: Uses free/public APIs, which are subject to rate limits
### Future Enhancements (Beyond Lite Version)
- Full enterprise edition with advanced exploit classification
- Real-time vulnerability monitoring and alerting
- Premium vulnerability database integrations
- Advanced threat intelligence correlation
- Persistent data storage and caching mechanisms
- Enhanced weaponization classification system
- Extended pattern detection capabilities
### Contributing
We welcome contributions! This lite release provides a solid foundation for expanding CVE intelligence capabilities. Priority areas for contribution include:
- Adding additional CVE and exploit data sources
- Enhancing exploit detection and classification algorithms
- Improving performance optimization and caching mechanisms
- Expanding report formats and visualization options
Please see our [Contributing Guidelines](CONTRIBUTING.md) for details on development setup and the submission process.
## Security
For security-related issues, please see our [Security Policy](SECURITY.md).
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.