OSV Database
An MCP server for querying the OSV (Open Source Vulnerability) database API.
MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
| get_ecosystems | Query the MCP for current supported ecosystems. |
Detailed Description
-
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to "PyPI" for Python packages
- Returns a list of CVE IDs with their details
-
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of affected version strings
-
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., "CVE-2018-1000805")
- Returns a list of fixed version strings
-
get_ecosystems
- Query for all current supported ecosystems by the MCP servers.
- Return a dict with the key being the ecosystem name and the value the programming language / OS.
Prerequisites
-
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --version -
Install uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Tested on
- Cursor
- Claude
Installation
- Via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
-
Locally:
- Clone the repo:
https://github.com/EdenYavin/OSV-MCP.git - Configure your MCP Host (Cusrsor / Claude Desktop etc.):
- Clone the repo:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Leave a review on VibeApp if you enjoyed it :)!
Related Servers
Formula One MCP Server
Access Formula One data and statistics, including race calendars, session results, driver data, lap times, telemetry, and championship standings.
Opera Omnia
Access a rich collection of JSON datasets for games, storytelling, and bot development from the Opera Omnia project.
SCB MCP
Connect LLMs or AI-chatbots to let them query and interact with official data and statistics from SCB (Sweden Statistics)
ClickHouse
An MCP server for interacting with a ClickHouse database.
Open Formula 1 MCP Server
MCP Server to retrieve and analyze Formula 1 (F1) races, cars, drivers, lap, pit stops and more.
OpenCTI MCP Server
Integrates with the OpenCTI platform to query and retrieve threat intelligence data.
FoodData Central
Access the USDA's FoodData Central database for comprehensive food and nutrient information.
Solana Launchpads MCP
Tracks daily activity and graduate metrics across multiple Solana launchpads using the Dune Analytics API.
SVM-MCP
Interact with SOON and other SVM-based blockchains. Check balances, fetch recent transactions, and view token holdings.
openGauss
An MCP server for interacting with the openGauss database.