Back to Browse
Free
Server data from the Official MCP Registry
SEC company search and SBA business resources. 4 MCP tools for business intelligence.
About
SEC company search and SBA business resources. 4 MCP tools for business intelligence.
Remote endpoints: streamable-http: https://business-entity-mcp.apify.actor/mcp
Security Report
10.0
Low Risk10.0Low RiskValid MCP server (4 strong, 3 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry. Trust signals: trusted author (21/21 approved).
Endpoint verified · Requires authentication · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
How to Connect
Remote Plugin
No local installation needed. Your AI client connects to the remote endpoint directly.
Add this to your MCP configuration to connect:
{
"mcpServers": {
"io-github-martc03-business-entity": {
"url": "https://business-entity-mcp.apify.actor/mcp"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Cybersecurity Vulnerability Intelligence MCP Server
Unified vulnerability intelligence from 4 government data sources in a single MCP server. Get enriched CVE lookups with CVSS scores, active exploitation status, exploitation probability, and ATT&CK techniques in one call.
| Source | What It Provides | Update Frequency |
|---|---|---|
| NIST NVD 2.0 | CVE details, CVSS scores, descriptions, references, CWE classifications | Continuous |
| CISA KEV | Actively exploited vulnerabilities catalog, remediation deadlines | Daily |
| FIRST.org EPSS | Exploitation probability scores (0-1) predicting likelihood of exploitation in next 30 days | Daily |
| MITRE ATT&CK | Adversary techniques mapped to CVEs | Quarterly |
Tools
vuln_lookup_cve — Enriched CVE Lookup
The killer feature. Look up any CVE and get intelligence from all 4 sources in a single call.
- Input:
{ cveId: "CVE-2021-44228" } - Returns: NVD details + CVSS score + KEV exploitation status + EPSS probability + ATT&CK techniques
vuln_search — Search CVEs
Search the NVD by keyword, severity, and date range. Optionally filter to only actively exploited (KEV) vulnerabilities.
- Input:
{ keyword: "apache log4j", severity: "CRITICAL", hasKev: true, limit: 20 }
vuln_kev_latest — Recently Exploited Vulnerabilities
Get vulnerabilities recently added to CISA's Known Exploited Vulnerabilities catalog.
- Input:
{ days: 7, limit: 20 }
vuln_kev_due_soon — Upcoming Remediation Deadlines
Get KEV entries with remediation deadlines approaching. Critical for federal compliance.
- Input:
{ days: 14, limit: 20 }
vuln_epss_top — Highest Exploitation Probability
Get CVEs most likely to be exploited in the next 30 days based on EPSS machine learning model.
- Input:
{ threshold: 0.7, limit: 20 }
vuln_trending — Newly Published Critical CVEs
Get recently published high/critical severity CVEs from the NVD.
- Input:
{ days: 3, severity: "CRITICAL", limit: 20 }
vuln_by_vendor — Vendor Vulnerability Assessment
Search CVEs for a specific vendor/product. Cross-references with CISA KEV to flag actively exploited issues.
- Input:
{ vendor: "microsoft", product: "windows", limit: 20 }
Use Cases
- Vulnerability triage: Look up a CVE and instantly know if it's actively exploited, its EPSS score, and what ATT&CK techniques apply
- Patch prioritization: Combine KEV status + EPSS scores to prioritize remediation
- Compliance tracking: Monitor upcoming CISA KEV remediation deadlines
- Threat intelligence: Track trending CVEs and newly weaponized vulnerabilities
- Vendor risk assessment: Assess a vendor's vulnerability exposure and active exploitation status
Quick Start
Glama (hosted)
Install from Glama.ai.
Apify (hosted)
{
"mcpServers": {
"cybersecurity": {
"url": "https://cybersecurity-vuln-mcp.apify.actor/mcp"
}
}
}
Claude Desktop / Claude Code
{
"mcpServers": {
"cybersecurity": {
"command": "node",
"args": ["path/to/servers/cybersecurity-vuln-mcp/dist/stdio.js"],
"env": {
"NVD_API_KEY": "your-key-here"
}
}
}
}
Local (stdio)
git clone https://github.com/martc03/gov-mcp-servers.git
cd gov-mcp-servers/servers/cybersecurity-vuln-mcp
npm install && npm run build
node dist/stdio.js
Environment Variables
| Variable | Required | Description |
|---|---|---|
NVD_API_KEY | No | NVD API key for higher rate limits (50 req/30s vs 5 req/30s). Register here. |
Caching
| Data Source | TTL | Notes |
|---|---|---|
| NVD CVE lookups | 1 hour | Per-CVE |
| CISA KEV catalog | 2 hours | Full catalog |
| EPSS scores | 24 hours | Per-CVE |
| ATT&CK mappings | Static | Bundled with server |
Architecture
- Protocol: MCP over stdio (Glama/local) or Streamable HTTP (Apify)
- Runtime: Node.js 18+, TypeScript
- Data: Direct API calls to free government data sources, zero cost
- Caching: In-memory with configurable TTLs
Other Servers in This Repo
This repository contains 13 MCP servers for US government data. See each server's README for details.
| Server | Tools | Data Sources |
|---|---|---|
| us-safety-recalls-mcp | 4 | NHTSA recalls, FDA recalls |
| natural-disaster-intel-mcp | 4 | FEMA disasters, NOAA weather, USGS earthquakes |
| federal-financial-intel-mcp | 4 | SEC EDGAR, CFPB complaints, BLS employment |
| immigration-travel-mcp | 3 | Visa bulletins, border wait times |
| environmental-compliance-mcp | 3 | EPA air quality, HUD foreclosures |
| gov-contracts-mcp | 4 | SAM.gov contracts, USAspending |
| court-records-mcp | 4 | PACER, federal court records |
| public-health-mcp | 4 | NIH clinical trials, FDA adverse events |
| business-entity-mcp | 4 | SEC company search, SBA resources |
| regulatory-monitor-mcp | 4 | Federal Register, regulations.gov |
| grant-finder-mcp | 4 | Grants.gov, USAspending |
| competitive-intel-mcp | 4 | SEC filings, patent data, trade data |
A REST API gateway with 45 endpoints is also available at govdata-api.netlify.app.
Attribution
- NVD: This product uses data from the NVD API but is not endorsed or certified by the NVD.
- EPSS: Data provided by FIRST.org (https://www.first.org/epss/).
- ATT&CK: Registered trademark of The MITRE Corporation. Licensed under Apache 2.0.
- KEV: CISA Known Exploited Vulnerabilities Catalog, US Government public domain.
Custom MCP Server Development
Need a custom MCP server for your business? Visit mcpdev.netlify.app or email codee.mcpdev@gmail.com.
License
MIT
Reviews
No reviews yet
Be the first to review this server!
More Developer Tools MCP Servers
Git
Freeby Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
80.0K
Stars
3
Installs
6.5
Security
No ratings yet
Local
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
114
Stars
409
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
55
Installs
10.0
Security
5.0
Local
MarkItDown
Freeby Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
116.1K
Stars
15
Installs
6.0
Security
5.0
Local
mcp-creator-typescript
Freeby mcp-marketplace · Developer Tools
Scaffold, build, and publish TypeScript MCP servers to npm — conversationally
-
Stars
14
Installs
10.0
Security
5.0
Local
FinAgent
Freeby mcp-marketplace · Finance
Free stock data and market news for any MCP-compatible AI assistant.
-
Stars
13
Installs
10.0
Security
No ratings yet
Local