mcpindex.aiv0
← Index

io.github.cyanheads/nist-nvd-mcp-server

io.github.cyanheads/nist-nvd-mcp-server·v0.1.6·Documents & Spreadsheets
Quality Score
80
/100

Search and audit NIST NVD CVEs by keyword, severity, CWE, CISA KEV status, and CPE.

Repository →
§00  Trust verdict · v1 advisory ·  method
UNVERIFIEDno verdict on file

Verdict not yet evaluated for this tool. The hybrid eval runs adversarial cases first; coverage rolls out as the corpus expands. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: hybrid eval, four-state verdict, honest limits.

§01  Install
Claude Desktop (claude_desktop_config.json)
{
  "mcpServers": {
    "nist-nvd-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@cyanheads/nist-nvd-mcp-server"
      ],
      "env": {
        "NVD_API_KEY": "<nvd_api_key>",
        "NVD_REQUEST_TIMEOUT_MS": "10000",
        "MCP_LOG_LEVEL": "info",
        "MCP_HTTP_HOST": "127.0.0.1",
        "MCP_HTTP_PORT": "3010",
        "MCP_HTTP_ENDPOINT_PATH": "/mcp",
        "MCP_AUTH_MODE": "none"
      }
    }
  }
}
Cursor (.cursor/mcp.json)
{
  "mcpServers": {
    "nist-nvd-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@cyanheads/nist-nvd-mcp-server"
      ],
      "env": {
        "NVD_API_KEY": "<nvd_api_key>",
        "NVD_REQUEST_TIMEOUT_MS": "10000",
        "MCP_LOG_LEVEL": "info",
        "MCP_HTTP_HOST": "127.0.0.1",
        "MCP_HTTP_PORT": "3010",
        "MCP_HTTP_ENDPOINT_PATH": "/mcp",
        "MCP_AUTH_MODE": "none"
      }
    }
  }
}
Cline (cline_mcp_settings.json)
npx -y @cyanheads/nist-nvd-mcp-server
§02  Environment variables
NVD_API_KEY

NVD API key. Without it, rate limit is 5 req/30s; with it, 50 req/30s. Get one free at nvd.nist.gov/developers/request-an-api-key.

NVD_REQUEST_TIMEOUT_MS

Per-request timeout in milliseconds. Raise to 60000 when using nvd_get_cve_history without an API key.

MCP_LOG_LEVEL

Sets the minimum log level for output (e.g., 'debug', 'info', 'warn').

NVD_API_KEY

NVD API key. Without it, rate limit is 5 req/30s; with it, 50 req/30s. Get one free at nvd.nist.gov/developers/request-an-api-key.

NVD_REQUEST_TIMEOUT_MS

Per-request timeout in milliseconds. Raise to 60000 when using nvd_get_cve_history without an API key.

MCP_HTTP_HOST

The hostname for the HTTP server.

MCP_HTTP_PORT

The port to run the HTTP server on.

MCP_HTTP_ENDPOINT_PATH

The endpoint path for the MCP server.

MCP_AUTH_MODE

Authentication mode to use: 'none', 'jwt', or 'oauth'.

MCP_LOG_LEVEL

Sets the minimum log level for output (e.g., 'debug', 'info', 'warn').

§03  MCP Quality Score  ·  methodology
freshness
25
completeness
10
installability
25
documentation
15
stability
5
§04  Alternatives in Documents & Spreadsheets
ac.tandem/docs-mcp
ac.tandem/docs-mcp

Remote MCP server for Tandem docs, install guides, SDKs, workflows, and agent setup help.

ai.adramp/google-ads
ai.adramp/google-ads

Google Ads MCP server — manage campaigns, keywords, and metrics.

AutEng MCP - Markdown Publishing & Document Share Links
ai.auteng/docs

Publish markdown documents as public share links with mermaid diagram support. Built by AutEng.ai