MCP Server CVE Exposure Mapping and Public API Released

Author: OpenClawRadar. Published: April 3, 2026.

MCP Server Security Analysis and Public API

Security researchers have analyzed thousands of MCP (Model Context Protocol) servers to map their dependency trees against known CVEs and security advisories. When you install an MCP server, you're inheriting its entire dependency tree, which may contain vulnerabilities.

Key Findings from the Analysis

  • A meaningful percentage of servers carry known vulnerabilities
  • Some servers accumulate dozens, or more than 100, CVEs through their dependencies
  • Severity varies significantly: a high CVE count doesn't necessarily mean high risk, and a low count doesn't guarantee safety
  • Dependency sprawl is common across MCP servers
  • A large portion of these servers still appear on major MCP directories

Public API Details

The researchers built a public API that requires no API key: https://api.mistaike.ai/api/v1/public/cve-index

With this API, you can:

  • Search by repository name or server name
  • Filter results by vulnerability severity
  • Sort by CVE count or recency of vulnerabilities

Important Caveats

The presence of a CVE doesn't automatically mean it's exploitable. Some vulnerabilities exist in unused code paths, while others may already be mitigated. This tool provides visibility into supply chain risk rather than labeling projects as unsafe.
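As an added example (not the researchers' tool, nor code behind the public API), the following Python performs the kind of mapping described above on a constructed dependency tree for one MCP server: it walks the full transitive tree, matches every package against a small constructed advisory index by fixed-in version, filters by a minimum severity and sorts by severity. The recorded depth and path show how far from the server's own code each vulnerable package sits, one input to the exploitability question raised in the caveats. Package names, versions and advisory ids are placeholders, not real findings.

```python
from collections import deque

SEVERITY_RANK = {"low": 1, "moderate": 2, "high": 3, "critical": 4}

# Constructed sample data: one MCP server's resolved dependency tree
# (name -> version and direct dependencies) and a tiny advisory index.
# Package names and advisory ids are placeholders, not real findings.
SERVER_TREE = {
    "example-mcp-server": {"version": "1.0.0", "deps": ["fetchlib", "cli-colors"]},
    "fetchlib": {"version": "2.1.0", "deps": ["urlparse-old"]},
    "urlparse-old": {"version": "0.9.1", "deps": []},
    "cli-colors": {"version": "1.0.0", "deps": []},
}
ADVISORIES = [
    {"id": "EXAMPLE-0001", "package": "urlparse-old", "fixed_in": "1.0.0", "severity": "high"},
    {"id": "EXAMPLE-0002", "package": "fetchlib", "fixed_in": "2.2.0", "severity": "moderate"},
    {"id": "EXAMPLE-0003", "package": "cli-colors", "fixed_in": "1.1.0", "severity": "low"},
    # Already fixed in the installed version: must not be reported.
    {"id": "EXAMPLE-0004", "package": "fetchlib", "fixed_in": "2.0.0", "severity": "critical"},
]

def parse_version(v):
    """Turn 'a.b.c' into a comparable tuple of ints."""
    return tuple(int(x) for x in v.split("."))

def dependency_paths(tree, root):
    """Walk the full transitive tree; return {package: shortest path from root}."""
    paths, queue = {root: [root]}, deque([root])
    while queue:
        name = queue.popleft()
        for dep in tree[name]["deps"]:
            if dep not in paths:
                paths[dep] = paths[name] + [dep]
                queue.append(dep)
    return paths

def map_advisories(tree, root, advisories, min_severity="low"):
    """Match every package in the tree against the advisory index, most severe first."""
    paths, findings = dependency_paths(tree, root), []
    for adv in advisories:
        name = adv["package"]
        if name not in paths or SEVERITY_RANK[adv["severity"]] < SEVERITY_RANK[min_severity]:
            continue
        if parse_version(tree[name]["version"]) < parse_version(adv["fixed_in"]):
            findings.append({**adv, "version": tree[name]["version"],
                             "depth": len(paths[name]) - 1, "path": " > ".join(paths[name])})
    return sorted(findings, key=lambda f: -SEVERITY_RANK[f["severity"]])

if __name__ == "__main__":
    for f in map_advisories(SERVER_TREE, "example-mcp-server", ADVISORIES):
        print(f"{f['severity']:8} {f['id']}  {f['package']}@{f['version']}  via {f['path']}")
```

Raising `min_severity` to `"high"` reproduces the API's severity filter; a real run would replace the constructed tree with a parsed lockfile and the index with an advisory feed.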

Next Phase: Runtime Behavior Analysis

The researchers are now analyzing what MCP servers actually do at runtime, including network calls and external dependencies. In a subset of servers analyzed so far (~5%), they've identified a small number of behaviors that may have privacy implications, including apparent use of invisible Unicode characters consistent with response watermarking. These observations are still under review, and the team is working to separate true positives from analysis artifacts before engaging with projects directly.

Read the full source: r/ClaudeAI
