Open-Source CVE Triage: Combining NVD, CISA KEV, and EPSS in One MCP Server
Your vulnerability scanner dumps 200 CVEs. You sort by CVSS score. The CVSS 9.8 at the top gets your attention. You patch it first.
Meanwhile, a CVSS 5.0 three pages down is in active ransomware campaigns. CISA added it to the Known Exploited Vulnerabilities catalog last week. EPSS gives it an 80% exploitation probability. Nobody looked at it because it was page three.
CVSS tells you how bad a vulnerability could be. It says nothing about whether anyone is actually exploiting it. For that, you need two more data sources — and nobody combines all three in one place.
Until now. vulnerability-intelligence-mcp is an open-source MCP server that pulls from NIST NVD, CISA KEV, and FIRST.org EPSS, computes a composite risk score, and gives your AI 30 tools for CVE analysis, watchlist tracking, and scanner triage.
