OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
Related Servers
MCP Knowledge Graph
Provides persistent memory for AI models using a local knowledge graph.
ローカルNeo4jコンテナ
Manages personal knowledge using a local Neo4j container, with data imported from JSON files.
MCP Toolbox for Databases
Open source MCP server specializing in easy, fast, and secure tools for Databases.
Sanity MCP Server
Connects Sanity projects with AI tools, allowing AI models to understand content structure and perform operations using natural language.
MongoDB Mongoose MCP
An MCP server for MongoDB with optional Mongoose schema support.
Engram
Persistent memory layer for AI agents with semantic search, consolidation, and cross-session intelligence via MCP.
Amplify Data API MCP Server
Interact with AWS Amplify Gen2 data models using natural language and Cognito authentication.
Memory Custom
Extends the MCP Memory server to create and manage a knowledge graph from LLM interactions.
MariaDB / MySQL
Access and manage MariaDB or MySQL databases using an MCP server.
MongoDB MCP Server
A server for interacting with MongoDB databases and MongoDB Atlas.