ToolPin

KernelScan

io.kernelscan/kernelscan · v1.0.0 · MCP 2025-11-25

Linux kernel CVE analyzer: upload a .config, get a CycloneDX VEX report of affecting CVEs.

Reachability reachable
checked 2026-07-14 04:31 UTC
Registry status active
Tools pinned 10
57cce905fa07
Tools last changed unchanged since first capture 2026-07-14

Provenance

Registry namespace io.kernelscan (domain verified by the official registry)
Website https://kernelscan.io
Remote endpoints
https://kernelscan.io/mcp/ (streamable-http)

Observed changes

When (UTC)EventDetail
2026-07-14 03:23 first capture 10 tools pinned

Pinned tool definitions (10)

ToolDescription
search_cves Search Linux kernel CVEs. No API key required: keyless callers get the free public tier — recent high-severity Linux kernel CVEs (capped at 25 results). Free *keyed* callers see only CVEs published in the last...
get_cve Fetch a single Linux kernel CVE by ID (e.g. ``CVE-2024-12345``). No API key required: keyless callers get the public representation of a CVE, but only for CVEs in the public set (recent high-severity); any other...
list_products List the calling user's products with denormalized analysis stats. Paid plans only (basic / pro / enterprise). Free callers get a clear upgrade message.
get_product Fetch one product owned by the caller, including the CVE breakdown. Returns 404 (not 403) if the product belongs to another user, so product existence isn't leaked across accounts.
get_product_vex Return the CycloneDX 1.6 VEX document for one of the caller's products. Reads from the 24h ProductVexCache; if the cache is empty/expired the next call to ``get_product`` (or the REST endpoint) will regenerate it.
create_product Create a new product, run analysis, and return its initial stats. ``config_upload_id`` references a previously-staged .config that the caller POSTed to ``/api/configs/uploads`` over plain HTTP — the LLM does NOT...
update_product Update a product owned by the caller. Re-runs analysis if the kernel_version, arch, or referenced .config changed. To change the .config, first POST the new file to ``/api/configs/uploads`` (see...
whoami Return the caller's identity, plan, and quota state. Works without an API key: keyless callers get a lightweight public-tier payload (no account) describing how to request access.
request_access Request an invitation to KernelScan from inside MCP (no API key needed). Use this when a keyless caller wants the full service. It records an invitation request and emails a confirmation; an admin reviews it and, ...
submit_support_report Send a support / dispute report to KernelScan staff. Use this when an automated CVE or factor assessment looks wrong, or when you need to hand human-needed context back to the team. The caller's API-key user is...

Status badge

ToolPin status badge for io.kernelscan/kernelscan

[![ToolPin](https://toolpin.dev/badge/io.kernelscan/kernelscan.svg)](https://toolpin.dev/servers/io.kernelscan/kernelscan)

Maintain this server? Add the badge to your README — it links your users to this live status page.