I made a simple CVE MCP server
I made a simple CVE MCP server. This is going to be one part of a larger vulnerability analysis system I have in my brain.
It’s not real smrt yet. It just reads a single CVE record and returns whatever data is in the JSON.
You can find the code here
The JSON is all coming from the CVE 5 GitHub repository
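As an added illustration (not the author's server code), this is what the "read one CVE record and return its data" step looks like in Python against a local clone of the CVE 5 repository: the CVE ID is validated before it is turned into a path (it arrives from the model, so it must never be trusted as a filename), the `cves/<year>/<Nxxx>/` folder layout of the cvelistV5 repo is resolved, and the CVE JSON 5.x fields the agent reports in the interaction below (description, affected versions, CVSS score and vector) are pulled out. The record at the bottom is constructed from what this post says about CVE-2025-55182, not the real file.

```python
import json
import re
from pathlib import Path

# The CVE ID arrives from the model or user and ends up in a path, so it is validated first.
CVE_ID_RE = re.compile(r"CVE-(\d{4})-(\d{4,})")

def is_cve_id(text: str) -> bool:
    return CVE_ID_RE.fullmatch(text.strip().upper()) is not None

def cve_record_path(root, cve_id: str) -> Path:
    """Map a CVE ID onto the cvelistV5 layout: cves/<year>/<Nxxx>/CVE-<year>-<N>.json."""
    m = CVE_ID_RE.fullmatch(cve_id.strip().upper())
    if not m:
        raise ValueError(f"not a well-formed CVE ID: {cve_id!r}")
    year, seq = m.groups()
    return Path(root) / "cves" / year / (seq[:-3] + "xxx") / f"CVE-{year}-{seq}.json"

def summarize_cve5(record: dict) -> dict:
    """Pull the fields an analyst asks about first out of a CVE JSON 5.x record."""
    cna = record.get("containers", {}).get("cna", {})
    desc = next((d["value"] for d in cna.get("descriptions", [])
                 if d.get("lang", "").lower().startswith("en")), "")
    affected = [{"product": a.get("product"),
                 "versions": [v["version"] for v in a.get("versions", [])
                              if v.get("status") == "affected"]}
                for a in cna.get("affected", [])]
    # First CVSS block found, preferring the newest schema version inside a metrics entry.
    cvss = next(({"version": k, "score": m[k].get("baseScore"), "severity": m[k].get("baseSeverity"),
                  "vector": m[k].get("vectorString")}
                 for m in cna.get("metrics", []) for k in ("cvssV4_0", "cvssV3_1", "cvssV3_0") if k in m), {})
    return {"id": record.get("cveMetadata", {}).get("cveId"), "description": desc,
            "affected": affected, "cvss": cvss,
            "references": [r.get("url") for r in cna.get("references", [])]}

def lookup_cve(root, cve_id: str) -> dict:  # the whole job of the MCP tool, per call
    with cve_record_path(root, cve_id).open(encoding="utf-8") as fh:
        return summarize_cve5(json.load(fh))

# Constructed, abridged record in CVE 5.x shape; values mirror this post, not the real file.
SAMPLE_RECORD = {
    "cveMetadata": {"cveId": "CVE-2025-55182", "state": "PUBLISHED"},
    "containers": {"cna": {
        "descriptions": [{"lang": "en", "value": "Unsafe deserialization of Server Function payloads."}],
        "affected": [{"product": "react-server-dom-webpack", "versions": [
            {"version": v, "status": "affected"} for v in ("19.0.0", "19.1.0", "19.1.1", "19.2.0")]}],
        "metrics": [{"cvssV3_1": {"baseScore": 10.0, "baseSeverity": "CRITICAL",
                                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}}],
        "references": [{"url": "https://example.invalid/placeholder-advisory"}]}}}
```

With a real checkout, `lookup_cve("/path/to/cvelistV5", "CVE-2025-55182")` returns the same dictionary shape that `summarize_cve5(SAMPLE_RECORD)` produces here.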
Here’s an example interaction
Enter your message: Tell me about CVE-2025-55182
User: Tell me about CVE-2025-55182
Agent: The CVE-2025-55182 is a pre-authentication remote code execution vulnerability affecting React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0. This includes the packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.
The vulnerable code deserializes payloads from HTTP requests to Server Function endpoints unsafely. The vulnerability has been rated with a CVSS score of 10 (Critical) due to its high impact on confidentiality, integrity, and availability.
This CVE was disclosed by Meta on December 3, 2025, in their blog post about the critical security vulnerability in React Server Components.
Additional information can be found from other sources such as CISA and Openwall lists.
Enter your message: How serious is CVE-2025-55182
User: How serious is CVE-2025-55182
Agent: CVE-2025-55182 is rated with a CVSS score of 10, which classifies it as CRITICAL.
Key Indicators of Severity:
- Impact:
  - The vulnerability allows for remote code execution (RCE) during deserialization of payloads from HTTP requests to Server Function endpoints in affected React Server Components versions.
  - This means an attacker can execute arbitrary code on the server, potentially leading to full system compromise.
- Exploitability:
  - The issue is pre-authentication, meaning no credentials or user interaction are required for exploitation.
  - Active exploitation has been confirmed, with automated tools capable of exploiting this vulnerability.
- Attack Vector:
  - Network: Since it’s a remote code execution vulnerability that can be exploited over the network (HTTP requests), it poses an immediate risk to servers processing such traffic.
- Exploitability Metrics:
  - The CVSS 3.1 vector string AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H further underscores its critical nature, with high impact on confidentiality, integrity, and availability of the affected system.
Risk Summary
- High Likelihood: Given that no authentication is required to exploit this vulnerability, it’s highly likely to be targeted by malicious actors.
- Potential Consequences:
  - Data exfiltration or alteration.
  - Full takeover of server resources.
  - Widespread compromise if an attacker gains access to a critical infrastructure component.
Recommended Actions
- Immediate Upgrade: Upgrade React Server Components (including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack) to versions newer than those affected by the vulnerability.
- Patch Management: Ensure that all instances where these components are used have been updated promptly.
- Monitoring: Monitor server logs for unusual activity, especially related to deserialization or any unexpected execution of code in the context of server functions.
In summary, CVE-2025-55182 is highly critical and poses a significant risk due to its remote code execution capabilities, lack of authentication requirement, and potential impact on system integrity and availability. Immediate action to mitigate this vulnerability is strongly advised.
It’s pretty chatty, but it’s the data I want. Adding some search capability will come eventually, but for a first go, this works.