Vulnerability Registry MCP Server

An MCP server that exposes a legacy vulnerability database as tools for LLM clients, enabling security analysts to query vulnerabilities using natural language through six specialized tools for vendor lookup, vulnerability search, and risk analysis.

→ orcohen5/vulnerability-registry · listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

⚠️

Known vulnerabilities in dependencies: 3 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 4 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/orcohen5-vulnerability-registry-o0sgeu)](https://m8ven.ai/mcp/orcohen5-vulnerability-registry-o0sgeu)

commit: 2a05b9a8dce1bdb03314ddb140c9eb9e87b1fa9c

code hash: 0e1be5bbdcd39a36fd70c2e221f5878c2c1121d4a65b6a37c2c373cb24ce1832

verified: 4/18/2026, 7:24:39 PM

view raw JSON →