How to Use the NIST NVD MCP in Claude Code

Q: How do I add the NIST NVD MCP Server to Claude Code?

Run claude mcp add --transport http nist-nvd -- . Make sure all flags come before the server name.

Q: Can Claude Code search NIST NVD by severity level?

Yes. You can tell it to execute searchcvebyseverity and return only critical or high-risk vulnerabilities.

Pipe NIST NVD data directly into your terminal via this MCP server. Let Claude Code automate vulnerability checks in your CI/CD pipeline.

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

MCP Servers - Free for Subscribers

Connect NIST NVD MCP to Claude Code

Create your Vinkius account to connect NIST NVD to Claude Code and route execution through our secure gateway. The platform manages server hosting, runtime updates, and security layers. Configuration requires no manual server provisioning.

GDPR Free for Subscribers

Setup NIST NVD with Claude Code

Ask AI about this MCP

ChatGPT

Claude

Perplexity

Headless NIST NVD MCP Server Scans

You live in the terminal. Now your security audits do too. You run Claude Code in a headless environment and let it hunt for threats. The agent uses `search_cve_by_keyword` to scan for specific exploits affecting your infrastructure. It pulls the raw JSON data and pipes it straight into your logging pipeline.

Map Your CPE Inventory

Auditing dependencies manually is a waste of engineering hours. You can automate the entire product matching process. Claude Code runs `search_cpe_by_keyword` to find the base vendor string. Then it hits `get_cpe_by_id` to pull the exact dictionary entry, ensuring your automated patch scripts target the right software.

Monitor Threat Escalations

Vulnerability reports get updated constantly. A low-priority bug becomes a zero-day overnight. Your AI client runs `get_cve_change_history` to track these modifications. You can set up a cron job that alerts your SRE team the minute a CVE severity score jumps.

Setup guide

Set up NIST NVD MCP in Claude Code

Prerequisites

Claude Code CLI installed (npm install -g @anthropic-ai/claude-code)
Active Vinkius subscription with a valid endpoint token

1

Run the add command

Open your terminal and run the command shown on the right. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com. Use --scope user to make it available across all projects.
2

Verify the connection

Start a Claude Code session and type /mcp to list connected servers. You should see nist-nvd-mcp with a green status indicator.
3

Start using tools

Ask Claude Code something like "Check my latest NIST NVD transactions." It will automatically discover and invoke the available NIST NVD tools.

Terminal

claude mcp add --transport http nist-nvd-mcp https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp

Get your connection token →

Prerequisites

Claude Code CLI installed
Active Vinkius subscription with a valid endpoint token

1

Open the config file

Create or edit .mcp.json in your project root for project-level scope, or ~/.claude.json for user-level scope.
2

Add the NIST NVD MCP

Paste the JSON snippet shown on the right into the mcpServers object. Replace [YOUR_TOKEN_HERE] with your endpoint token from cloud.vinkius.com.
3

Restart Claude Code

Start a new Claude Code session. Type /mcp to confirm the server is connected. The tools will be automatically available in your conversation.

.mcp.json

{
  "mcpServers": {
    "nist-nvd-mcp": {
      "type": "url",
      "url": "https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp"
    }
  }
}

Get your connection token →

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by NIST NVD. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

Why Choose Vinkius

Vinkius connects your tools to AI with real-time monitoring and automatic cost savings — all from one dashboard.

Connect NIST NVD now

Real-time monitoring

Live

visibility into every interaction

Connect your favorite tools to your AI and see exactly what's happening — every request, every response, in real time.

Built-in savings

60%

lower AI costs

Vinkius compresses data between your apps and your AI automatically. Lower bills every month — no configuration required.

Single dashboard

One

place for every integration

Every tool your AI connects to, managed from a single screen. One account, complete control.

Common questions about NIST NVD MCP in Claude Code

Run `claude mcp add --transport http nist-nvd -- `. Make sure all flags come before the server name.

Yes. You can tell it to execute `search_cve_by_severity` and return only critical or high-risk vulnerabilities.

No. Everything runs directly in your terminal. The agent executes the API calls and prints the results to standard output.

The NIST API occasionally hangs under load. The MCP server will return a standard timeout error that your pipeline can catch and retry.

No. It only queries public security registries. The server transmits product keywords and CVE numbers, never your proprietary environment variables or source code.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.

OpenAI Agents SDK sdk-python

Google ADK sdk-python

Pydantic AI sdk-python

Vercel AI SDK sdk-typescript