Share
## https://sploitus.com/exploit?id=530891A2-9B72-53B4-8C8C-C2608435E23C
# NotCVE MCP Server

[![notcve/mcp-server MCP server](https://glama.ai/mcp/servers/notcve/mcp-server/badges/score.svg)](https://glama.ai/mcp/servers/notcve/mcp-server)

Live vulnerability intelligence for AI agents β€” **365,000+ CVEs and NotCVEs**
enriched from **80+ correlated sources**: CVSS, EPSS, CISA KEV, SSVC,
NIST-repaired affected versions, advisories, exploits and patch diffs.

Backed by [notcve.org](https://notcve.org), the vulnerability registry that
also assigns public, timestamped **NotCVE IDs** to vulnerabilities not
acknowledged by vendors.

- **Hosted endpoint (recommended):** `https://notcve.org/mcp` β€” Streamable
  HTTP with OAuth 2.1 + PKCE or static Bearer token. No install.
- **This repo:** a zero-dependency stdio bridge (`server.py`, pure Python
  stdlib) for stdio-only clients and containerized runs.
- **Docs:** 

## Tools (17)

| Tool | Credits | Purpose |
|---|---|---|
| `account_status` | 0 | Plan, credits, capability flags |
| `search_help` | 0 | Search filter / mode reference |
| `tirs_facets` | 0 | TIR counts by type and source |
| `get_vulnerability_summary` | 1 | Compact CVE/NotCVE summary + retrieval advice |
| `get_cve` / `get_notcve` | 1 | Full canonical record (metadata + CPEs + TIR stubs) |
| `list_vulnerability_tirs` | 1 | Paginated TIR metadata, filter by type/source |
| `get_vulnerability_tir_content` | 1 | One TIR payload (exploit code, rule body, patch) |
| `get_exploit_material` | 1+ | Exploit/patch material for a CVE in one call |
| `list_affected_versions` | 1 | Affected-version rows, paginated |
| `check_version_impact` | 1 | Yes/no impact for vendor/product/version |
| `bulk_get_summary` | 1 | Summaries for up to 10 IDs at once |
| `compare_versions` | 1 | Which CVEs affect which versions |
| `version_exposure` | 1 | CVEs affecting a vendor/product/version + rollup |
| `stack_check` | 1 | Triage up to 10 stack components at once |
| `recent_kev` | 1 | Recently added CISA KEV entries |
| `search_vulnerabilities` | 1 / 2 | Typed-arg search (`search_mode=deep` = 2) |

## Quick start β€” hosted endpoint

The hosted server is the best experience for clients that speak Streamable
HTTP (Claude, ChatGPT, Claude Code, Cursor, Codex CLI…). MCP access is
included in [Essential and Professional plans](https://notcve.org/pricing/);
get your API token from the [dashboard](https://notcve.org/user/).

**Claude (claude.ai / Desktop)** β€” Settings β†’ Connectors β†’ Add custom
connector β†’ `https://notcve.org/mcp` β†’ Connect (OAuth).

**Claude Code**

```bash
claude mcp add --transport http notcve https://notcve.org/mcp
# or with a static token:
claude mcp add --transport http notcve https://notcve.org/mcp \
  --header "Authorization: Bearer YOUR_API_TOKEN"
```

**Cursor** (`~/.cursor/mcp.json`)

```json
{
    "mcpServers": {
        "notcve": {
            "url": "https://notcve.org/mcp",
            "headers": { "Authorization": "Bearer YOUR_API_TOKEN" }
        }
    }
}
```

**Codex CLI** (`~/.codex/config.toml`)

```toml
[mcp_servers.notcve]
url = "https://notcve.org/mcp"
headers = { Authorization = "Bearer YOUR_API_TOKEN" }
```

## Quick start β€” stdio bridge (this repo)

For stdio-only MCP clients, or wherever you prefer a local process. Pure
Python β‰₯ 3.8 standard library β€” nothing to `pip install`.

```bash
git clone https://github.com/notcve/mcp-server.git
cd mcp-server
NOTCVE_API_TOKEN=YOUR_API_TOKEN python3 server.py
```

Generic stdio client config:

```json
{
    "mcpServers": {
        "notcve": {
            "command": "python3",
            "args": ["/path/to/mcp-server/server.py"],
            "env": { "NOTCVE_API_TOKEN": "YOUR_API_TOKEN" }
        }
    }
}
```

Or with Docker:

```bash
docker build -t notcve-mcp .
docker run -i --rm -e NOTCVE_API_TOKEN=YOUR_API_TOKEN notcve-mcp
```

`initialize` and `tools/list` are answered locally (no credentials needed),
so the server introspects cleanly out of the box; `tools/call` forwards to
the hosted endpoint with your token.

## Environment

| Variable | Default | Purpose |
|---|---|---|
| `NOTCVE_API_TOKEN` | β€” | Your NotCVE API token (dashboard β†’ API). Required for tool calls. |
| `NOTCVE_MCP_URL` | `https://notcve.org/mcp` | Hosted endpoint override. |

## Example prompts

> Using NotCVE MCP, find vulnerabilities updated in the last 14 days with
> CVSS β‰₯ 8.5 and at least one public exploit. Summarise the top 10.

> Check whether apache log4j 2.14.1 is affected by CVE-2021-44228, then
> list the lowest fixed version.

> Compare openssl 3.0.5, 3.0.13 and 3.0.15 and tell me which CVEs each
> upgrade resolves.

## Links

- Docs:  Β· REST API: 
- Plans & pricing: 
- What is a NotCVE?  Β· Request one: 

## License

[MIT](LICENSE)