mcp-cve-intelligence-server-lite

Version:

Lite Model Context Protocol server for comprehensive CVE intelligence gathering with multi-source exploit discovery, designed for security professionals and cybersecurity researchers

github.com/gnlds/mcp-cve-intelligence-server

gnlds/mcp-cve-intelligence-server

206 lines (198 loc) • 5.01 kB

JSON

{ "sources": { "nvd": { "name": "National Vulnerability Database", "baseUrl": "https://services.nvd.nist.gov/rest/json/cves/2.0", "apiKeyRequired": false, "apiKeyEnvVar": "NVD_API_KEY", "authHeaderType": "apiKey", "authHeaderName": "apiKey", "requestTimeout": 3000, "priority": 1, "enabled": true, "endpoints": { "search": "/", "details": "/" }, "features": [ "search", "details", "cvss", "references", "cpe" ] }, "github": { "name": "GitHub Security Advisories", "baseUrl": "https://api.github.com/advisories", "apiKeyRequired": false, "apiKeyEnvVar": "GITHUB_TOKEN", "authHeaderType": "token", "authHeaderName": "Authorization", "requestTimeout": 3000, "priority": 2, "enabled": true, "endpoints": { "search": "/", "details": "/" }, "features": [ "search", "details", "exploits", "patches" ] }, "mitre": { "name": "MITRE CVE Records", "baseUrl": "https://cveawg.mitre.org/api", "apiKeyRequired": false, "apiKeyEnvVar": "MITRE_API_KEY", "requestTimeout": 3000, "priority": 3, "enabled": true, "endpoints": { "search": "/cve", "details": "/cve" }, "features": [ "details", "official", "authoritative", "cvss", "references" ] } }, "scoring": { "tiers": [ { "name": "critical", "conditions": [ {"cvssScore": 9.0, "operator": ">=", "hasExploit": true}, {"cvssScore": 9.8, "operator": ">=", "ageInDays": 30, "ageOperator": "<"} ], "score": 1.0 }, { "name": "high", "conditions": [ {"cvssScore": 7.0, "operator": ">=", "hasExploit": true}, {"cvssScore": 9.0, "operator": ">=", "ageInDays": 60, "ageOperator": "<"} ], "score": 0.8 }, { "name": "medium", "conditions": [ {"cvssScore": 4.0, "operator": ">=", "hasExploit": true}, {"cvssScore": 7.0, "operator": ">=", "ageInDays": 90, "ageOperator": "<"} ], "score": 0.6 } ], "fallback": { "exploitAvailabilityWeight": 0.4, "cvssWeight": 0.35, "ageWeight": 0.25 } }, "epss": { "baseFactors": { "cvssWeight": 0.3, "exploitAvailabilityWeight": 0.25, "ageWeight": 0.15 }, "exploitabilityFactors": { "attackVectorWeight": 0.1, "attackComplexityWeight": 0.08, "privilegesRequiredWeight": 0.07, "userInteractionWeight": 0.05 }, "contextualFactors": { "exploitMaturityWeight": 0.1, "publicDisclosureWeight": 0.05 }, "factors": { "attackVector": { "NETWORK": 1.0, "ADJACENT": 0.7, "LOCAL": 0.4, "PHYSICAL": 0.1 }, "attackComplexity": { "LOW": 1.0, "HIGH": 0.3 }, "privilegesRequired": { "NONE": 1.0, "LOW": 0.6, "HIGH": 0.3 }, "userInteraction": { "NONE": 1.0, "REQUIRED": 0.5 }, "exploitMaturity": { "UNPROVEN": 0.1, "PROOF_OF_CONCEPT": 0.4, "FUNCTIONAL": 0.7, "HIGH": 1.0 } } }, "exploitIndicators": { "patterns": { "exploitdb": { "domains": ["exploit-db.com"], "paths": [], "keywords": ["exploit-db"], "description": "Exploit Database references" }, "metasploit": { "domains": ["rapid7.com"], "paths": ["/db"], "keywords": ["metasploit"], "description": "Metasploit Framework references" }, "packetstorm": { "domains": ["packetstormsecurity.com"], "paths": [], "keywords": ["packetstorm"], "description": "Packet Storm Security references" }, "github": { "domains": ["github.com"], "paths": [], "keywords": ["exploit", "poc", "proof-of-concept"], "description": "GitHub exploit/PoC repositories" }, "nuclei": { "domains": [], "paths": [], "keywords": ["nuclei-templates", "nuclei"], "description": "Nuclei vulnerability templates" }, "nmap": { "domains": [], "paths": [], "keywords": ["nmap", "script"], "description": "Nmap security scripts" } }, "customPatterns": [ "(?:0day|zero-day).*(?:exploit|poc)", "vulnerability.*scanner.*(?:nuclei|nmap)", "(?:weaponized|weaponization).*exploit", "(?:rce|remote.code.execution).*(?:poc|exploit)" ], "enabled": true }, "defaults": { "requestTimeout": 3000, "retryAttempts": 3, "retryDelayMs": 1000, "retryBackoffMultiplier": 2, "retryOnStatusCodes": [429, 502, 503, 504] } }