OSV Database

An MCP server for querying the OSV (Open Source Vulnerability) database API.

MCP Server For OSV

A lightweight MCP (Model Context Protocol) server for OSV Database API.

Example:

Tools Provided

Overview

name	description
query_package_cve	List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs.
query_for_cve_affected	Query the OSV database for a CVE and return all affected versions of the package.
query_for_cve_fix_versions	Query the OSV database for a CVE and return all versions that fix the vulnerability.
get_ecosystems	Query the MCP for current supported ecosystems.

Detailed Description

query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
  - package (string, required): The package name to query
  - version (string, optional): The version of the package to query. If not specified, queries all versions
  - ecosystem (string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
  - cve (string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
  - cve (string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.

Prerequisites

Python 3.11 or higher: This project requires Python 3.11 or newer.
```
# Check your Python version
python --version
```
Install uv: A fast Python package installer and resolver.
```
pip install uv
```
Or use Homebrew:
```
brew install uv
```

Tested on

Cursor
Claude

Installation

Via Smithery:

npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude

Locally:
1. Clone the repo: https://github.com/EdenYavin/OSV-MCP.git
2. Configure your MCP Host (Cusrsor / Claude Desktop etc.):

{
  "mcpServers": {
    "osv-mcp": {
      "command": "uv",
      "args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
      "env": {}
    }
  }
}

Leave a review on VibeApp if you enjoyed it :)!

Related Servers

Supabase Memory Service

A memory service using Supabase PostgreSQL with pgvector for semantic search and knowledge graph storage.

MCP Qdrant Codebase Embeddings

Uses Qdrant vector embeddings to understand semantic relationships in codebases.

Bankless Onchain

Query Onchain data, like ERC20 tokens, transaction history, smart contract state.

ParticlePhysics MCP Server

Provides seamless access to particle physics data from the Particle Data Group (PDG) for AI assistants and applications.

Binance Cryptocurrency MCP

Access Binance cryptocurrency market data, including prices, candlestick charts, and order books.

Canada's Food Guide

A nutrition analysis platform integrating Canada's Food Guide recipes with Health Canada's official nutrition databases.

MCP Memory Server - Python Implementation

A Python implementation of the MCP memory server for knowledge graph storage and retrieval, using JSONL files for persistence.

MySQL Server

Provides read-only access to MySQL databases, allowing LLMs to inspect schemas and execute queries.

Trino MCP Server

A Go implementation of a Model Context Protocol (MCP) server for Trino, enabling LLM models to query distributed SQL databases through standardized tools.

Quick Data for Windows MCP

A Windows-optimized server for performing data analytics on JSON and CSV files, designed for Claude Desktop integration.