OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
관련 서버
Sanity MCP Server
Connects Sanity projects with AI tools, allowing AI models to understand content structure and perform operations using natural language.
Quanti: connectors MCP
Unify your marketing team around one AI-powered source of truth. Quanti connects your marketing data to your warehouse. Execute SQL queries on BigQuery, explore table schemas, discover pre-built use cases, and analyze performance across Google Analytics, Google Ads, Meta Ads, TikTok, affiliate networks and more. all through natural conversation
Baserow
Read and write access to your Baserow tables.
D&D 5E MCP Server
Access Dungeons & Dragons 5th Edition content, including spells, classes, and monsters, via the Open5e API.
CData AlloyDB MCP Server
A read-only MCP server for AlloyDB, enabling LLMs to query live data directly from AlloyDB databases.
MCP Oracle Database Server
A server for full integration with Oracle Database. Requires Oracle Instant Client libraries.
MSSQL MCP Server
Interact with Microsoft SQL Server (MSSQL) databases. List tables, read data, and execute SQL queries with controlled access.
Isthmus
Local MCP server that connects AI models to any PostgreSQL database. Discover schemas, explore relationships, profile tables, and run read-only SQL queries, policy column masking,... all running locally
MotherDuck
Query and analyze data with MotherDuck and local DuckDB
Highrise by CData
A read-only MCP server for Highrise, enabling LLMs to query live data using the CData JDBC Driver.