OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
Related Servers
PostgreSQL & Google Sheets
MCP servers for interacting with PostgreSQL databases and Google Sheets.
PocketBase MCP Server
Interact with a PocketBase instance to manage records and files in collections.
EHR Tools with MCP and FHIR
Search and query patient Electronic Health Record (EHR) data using SMART on FHIR.
Toronto Open Data Tools
Query, analyze, and retrieve datasets from Toronto's CKAN-powered open data portal.
Notion Content Database
Manage content databases in Notion using the Notion API.
MCP Qdrant Codebase Embeddings
Uses Qdrant vector embeddings to understand semantic relationships in codebases.
Data Exploration
MCP server for autonomous data exploration on .csv-based datasets, providing intelligent insights with minimal effort.
Metabase MCP Server
Integrates AI assistants with the Metabase business intelligence and analytics platform.
UniProt MCP Server
Access UniProt protein information, including function and sequence data.
MySQL Server Pro
A MySQL server with CRUD operations, database anomaly analysis, and support for SSE and STDIO.