A Model Context Protocol (MCP) server for Debian security vulnerability analysis. This server integrates with AI assistants (like Claude) to provide vulnerability scanning capabilities for Debian systems.
- List Vulnerabilities: Scan all installed packages on your Debian system for known vulnerabilities
- CVE Research: Get detailed information about specific CVEs including EPSS scores
- Automatic Suite Detection: Automatically detects your Debian suite (bookworm, trixie, sid, etc.)
- EPSS Integration: Enriches vulnerability data with Exploit Prediction Scoring System (EPSS) scores
pip install -e .debsecan-mcpOr with a specific Debian suite:
DEBSECAN_SUITE=bookworm debsecan-mcpLists all vulnerabilities affecting the currently installed packages on the system. Categorises them by severity (critical, high, medium, low, negligible) and EPSS score.
Provides detailed information for a list of CVE IDs, including:
- Package name
- Urgency level
- EPSS score and percentile
- Whether a fix is available
- Remote exploitability
- Description
To use this MCP server with VSCode and AI assistants:
-
Open VSCode Settings (JSON):
- On macOS:
Cmd + Shift + P→ "Preferences: Open Settings (JSON)" - On Linux/Windows:
Ctrl + Shift + P→ "Preferences: Open Settings (JSON)"
- On macOS:
-
Add the MCP server configuration:
{
"mcpServers": {
"debsecan": {
"command": "debsecan-mcp",
"args": [],
"env": {
"DEBSECAN_SUITE": "bookworm"
}
}
}
}-
Replace
bookwormwith your Debian suite codename (e.g.,trixie,sid,GENERIC) -
Restart VSCode or reload the window
- Package Discovery: Uses
python-aptto enumerate all installed packages on the system - Vulnerability Data: Fetches compressed vulnerability data from the Debian Security Tracker
- EPSS Enrichment: Downloads EPSS scores from CISA to prioritize vulnerabilities
- Analysis: Compares installed package versions against vulnerability data using APT version comparison
- Python 3.11+
- Debian-based distribution (Debian, Ubuntu, etc.)
- Network access to download vulnerability data