VulScan-MCP scans project dependencies for latest known CVEs from NVD and OSV databases in real time

Integrates with VS Code and GitHub Copilot. Ask "Check for security vulnerabilities" and it scans your manifest files.

Only reports actual CVEs, not deprecated packages or outdated versions.

Doesn't auto-patch anything. Just provides information and remediation guidance in easy to follow language.

Source code: https://github.com/abhishekrai43/VulScan-MCP

Marketplace: Search "VulScan-MCP"