MCP server exposing 2 tools for epss.
This URL is a JSON-RPC 2.0 endpoint over HTTP. Issue POST requests with a JSON-RPC body. Browsers and search crawlers land here on GET.
POST https://gateway.pipeworx.io/epss/mcp
Content-Type: application/json
{"jsonrpc":"2.0","id":1,"method":"tools/list"}get_epss — EPSS exploit-probability for one or more CVEs. Returns each CVE's EPSS score (0-1 = probability it will be exploited in the wild in the next 30 days) and percentile (how it ranks vs all CVEs). Use to gauge real-world exploit likelihood and prioritize patching — complements CVSS severity (a high-severity CVE with low EPSS may be lower urgency than a moderate-severity one with high EPSS).top_exploited — List the CVEs most likely to be exploited, ranked by EPSS score descending. Answers "which vulnerabilities are most likely to be exploited right now" so you can prioritize patching. EPSS is the probability (0-1) a CVE will be exploited in the wild in the next 30 days; this complements CVSS severity rather than replacing it.Code samples (curl / TypeScript / one-click client install), schemas, and the live playground are on the pack page:
https://pipeworx.io/packs/epss/
Pipeworx is an open MCP gateway connecting AI agents to live data. pipeworx.io