NIST NVD
Provides AI agents with comprehensive access to the NIST National Vulnerability Database (NVD) API for searching, retrieving, and analyzing vulnerability data.
About
The NIST NVD server acts as a Model Context Protocol (MCP) server, offering a robust interface to the authoritative U.S. government repository of standards-based vulnerability management data. It empowers AI agents to seamlessly interact with the NIST NVD, enabling advanced search capabilities, detailed data retrieval, and insightful analysis of CVEs, CPEs, and CVSS scores, while handling API constraints and providing rich, structured responses.
Key Features
- Intelligent caching, built-in rate limiting with retry logic, and comprehensive error handling
- Advanced CVE search and retrieval with extensive filtering (keyword, date, severity, CWE)
- 1 GitHub stars
- CVSS analysis with filtering by v2/v3/v4 scores and severity ratings
- Automated detection and tracking of high-priority CVEs, including CISA KEV and CERT alerts
- CPE-based searches to identify vulnerabilities affecting specific products and versions
Use Cases
- Security Research & Analysis: Conduct in-depth investigations into vulnerability trends, types, and impacts.
- Threat Intelligence Analysis: Identify high-priority and critical vulnerabilities for proactive defense.
- Software Asset Vulnerability Assessment: Assess the security posture of specific software and versions using CPE matching.