OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
Похожие серверы
BigQuery
Inspect database schemas and execute queries on Google BigQuery.
QuickBooks Online by CData
A read-only MCP server for querying live QuickBooks Online data. Requires a separate CData JDBC Driver for QuickBooks Online.
Metabase MCP Server
Integrates AI assistants with the Metabase business intelligence and analytics platform.
Supabase
Access and manage your Supabase projects through the Model Context Protocol (MCP).
Apple Health Data with Elasticsearch
A Python-based MCP server that connects to an Elasticsearch index with Apple HealthKit data.
CData Sync
A Model Context Protocol server for CData Sync, enabling data replication and transformation.
KOSPI/KOSDAQ Stock Server
Provides KOSPI/KOSDAQ stock data, including ticker lookup, OHLCV, market capitalization, and fundamental data.
Tabular MCP Server
An MCP server for local Tabular Models like PowerBI. It allows LLM clients to debug, analyze, and compose DAX queries by connecting to a local Tabular model instance.
BigCommerce by CData
A read-only MCP server for BigCommerce, enabling LLMs to query live data using the CData JDBC Driver.
XiYan MCP Server
A server that enables natural language queries to databases using XiyanSQL.