Model Context Protocol Server

NezhaCyberMCP
AI-Powered CVE Intelligence

Connect your AI assistant to real-time vulnerability data from CIRCL, GitHub Advisory, and MyCERT. Query CVEs, analyze threats, and generate security reports — all through natural language.

Get Started View on GitHub
200K+CVEs Indexed
9.4K+GitHub Advisories
790+MyCERT Bulletins
10MCP Tools
MCP Inspector
$ tools/call get_cve
cve_id: "CVE-2021-44228"
─────────────────────────
title: "Apache Log4j2 RCE"
severity: CRITICAL
cvss: 10.0
source: "circl_cves"
cwe: ["CWE-502"]
Features

Everything your AI needs to reason about vulnerabilities

A complete MCP server purpose-built for cybersecurity intelligence

Real-Time Sync

Automatically syncs CVE data from CIRCL, GitHub Advisory Database, and MyCERT on a scheduled cron job.

Semantic Search

Search across all three data sources simultaneously by keyword, severity, vendor, product, or CWE ID.

AWS Lambda Ready

Detects runtime environment automatically. Runs as a long-lived MCP server locally or as a Lambda function on AWS.

Credential Safety

All sensitive values are masked in logs. AWS credentials, DB passwords, and API keys never appear in output.

Built-in Prompts

Pre-built prompt templates for security advisories, patch prioritization, stakeholder triage, and weekly reports.

Multi-DB Support

Supports PostgreSQL, MySQL, SQL Server, Oracle, QuestDB, and Amazon Aurora DSQL via GORM.

Data Sources

Three authoritative data sources

Aggregated, deduplicated, and always up to date

CIRCL CVE

cve.circl.lu

Computer Incident Response Center Luxembourg — the authoritative CVE feed with full CVSS scoring and affected package data.

200K+CVE Records
CVSSScoring
JSONFormat

GitHub Advisory

api.github.com

GitHub's curated security advisory database covering npm, PyPI, Maven, Go, Rust, and more ecosystems.

9.4K+Advisories
10+Ecosystems
GHSAIDs

MyCERT

mycert.org.my

Malaysia Computer Emergency Response Team — regional security bulletins covering threats relevant to Southeast Asia.

790+Bulletins
SEARegion
HTMLScraped
MCP Tools

MCP Tools

Ask your AI assistant to call these tools directly

get_cve

Look up a specific CVE by ID across all three data sources

search_cves

Full-text search with filters for severity, vendor, product, CWE, and date range

whats_new

Get the latest CVEs published after a given date

filter_severity

Filter CVEs by CRITICAL / HIGH / MEDIUM / LOW severity

bulk_get

Retrieve multiple CVEs in a single call

vuln_trends

Analyze vulnerability trends over time by severity

search_by_cpe

Search CVEs by CPE (Common Platform Enumeration) string

related_cves

Find CVEs related to a given CVE by shared CWE or affected packages

Ready to give your AI superpowers?

Add NezhaCyberMCP to your Claude, Cursor, or any MCP-compatible AI assistant. No database setup required — CVE data is served directly from our infrastructure.

View Setup Guide
{
  "mcpServers": {
    "nezha-cyber": {
      "command": "./advisory"
    }
  }
}