OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
Похожие серверы
Outreach.io by CData
A read-only MCP server for querying live data from Outreach.io using the CData JDBC Driver.
BigQuery
Explore, query, and manage data in Google BigQuery.
MongoDB Mongoose MCP
An MCP server for MongoDB with optional Mongoose schema support.
Borsa MCP
Provides programmatic access to Borsa Istanbul (BIST) stock data, financials, news, and analysis using KAP and Yahoo Finance.
MCP Database Server
An MCP server that enables LLMs to interact with databases like MongoDB using natural language.
ChromaDB
Provides AI assistants with persistent memory using ChromaDB vector storage.
cowork-semantic-search
Local semantic search over documents (txt, md, pdf, docx, pptx, csv). Fully offline, multilingual, hybrid vector + keyword search via LanceDB. No API keys, no cloud.
Hologres
Connect to a Hologres instance, get table metadata, query and analyze data.
Isthmus
Local MCP server that connects AI models to any PostgreSQL database. Discover schemas, explore relationships, profile tables, and run read-only SQL queries, policy column masking,... all running locally
Financial Datasets
Stock market API made for AI agents