Nist Nvd Mcp Server

Connects Claude to the NIST National Vulnerability Database API 2.0 for CVE research and CPE auditing. Exposes five tools: keyword search with severity and CWE filters, batch CVE lookup with full CVSS scoring across v2/v3/v4, CPE dictionary search, product version audit via exact CPE name or virtual match strings with version ranges, and CVE change history tracking. Built with token bucket rate limiting that respects NVD's 5 req/30s unauthenticated and 50 req/30s authenticated limits, automatic retry with backoff, and HTML response guards for their rate limit pages. Includes CISA KEV filtering for known exploited vulnerabilities. Useful for security audits, dependency scanning, and vulnerability surveillance workflows where you need structured access to official CVE data without writing your own NVD client.