EPSS MCP Project

MultiStep MCP That Returns CVE Information With EPSS Score
  • python

13

GitHub Stars

python

Language

6 months ago

First Indexed

2 months ago

Catalog Refreshed

Documentation & install

Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.

Installation

Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "jgamblin-epss-mcp": {
      "command": "python",
      "args": [
        "epss_mcp.py"
      ],
      "env": {
        "NVD_API_KEY": "your-nvd-api-key"
      }
    }
  }
}

The EPSS MCP Server brings CVE details from the NVD API together with EPSS scores from the EPSS service, exposing them through a robust MCP interface so you can quickly query vulnerabilities and prioritize remediation.

How to use

You interact with the EPSS MCP Server through an MCP client to retrieve CVE information and EPSS scores. Start the local MCP server, then request details for a specific CVE by its ID to obtain descriptions, CWE mappings, CVSS scores, and the EPSS percentile.

How to install

Prerequisites: Python 3.13 or higher, Docker (optional for containerized deployment), and an NVD API key.

  1. Clone the project repository and navigate into it.

  2. Install the required Python dependencies in a virtual environment.

  3. Create a configuration file to supply your NVD API key.

  4. Run the MCP server locally. You can also deploy using Docker for a containerized setup.

$ git clone <repository-url>
$ cd epss-mcp-project

# Optional: create and activate a virtual environment
# Python 3.13+ is required
$ python -m venv venv
$ source venv/bin/activate  # on macOS/Linux
# Windows would use: venv\Scripts\activate

# Install dependencies
$ pip install -r requirements.txt

# Add your NVD API key to a .env file
$ printf 'NVD_API_KEY=your-nvd-api-key\n' > .env

# Start the MCP server locally
$ python epss_mcp.py

Additional sections

Configuration and deployment details from this guide cover local running and Docker-based deployment. The MCP server exposes an endpoint to fetch CVE data and EPSS scores; you can run it directly with Python or deploy via Docker for a portable runtime.

Docker deployment options are provided to run the MCP server in containerized form and expose port 8000 so you can access it from other tools and interfaces.

If you intend to use the VS Code MCP integration, you can register a local stdio MCP server pointing to your Python entry point so the editor can query CVE details and EPSS scores on demand.

Available tools

fetchCveDetails

Retrieve comprehensive CVE information from the NVD API, including descriptions, CWEs, and CVSS scores.

fetchEpssScores

Obtain EPSS scores and percentiles for specified CVEs to assess exploit likelihood.

serveMcpData

Expose vulnerability and EPSS information through the MCP server for integration with clients.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational