MCP Server For OSV
A lightweight MCP (Model Context Protocol) server for OSV Database API.
Example:
https://github.com/user-attachments/assets/55bb887f-3ead-4733-8328-572d3f3145fd
Features
- Get Package CVEs: Fetch all CVEs related to a package.
- Get CVE Affected Versions: Fetch all the affected versions for a specific CVE-ID.
- Get CVE Fix Versions: Fetch all the versions that remediate the CVE.
Prerequisites
Python 3.11 or higher: This project requires Python 3.11 or newer.
# Check your Python version python --versionInstall uv: A fast Python package installer and resolver.
pip install uvOr use Homebrew:
brew install uv
Configuration
For Cursor users:
{
"mcpServers": {
"osv-mcp": {
"command": "uv",
"args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
"env": {}
}
}
}
Tools Provided
Overview
| name | description |
|---|---|
| query_package_cve | List all the CVE IDs for a specific package. Specific version can be passed as well for more narrow scope CVE IDs. |
| query_for_cve_affected | Query the OSV database for a CVE and return all affected versions of the package. |
| query_for_cve_fix_versions | Query the OSV database for a CVE and return all versions that fix the vulnerability. |
Detailed Description
query_package_cve
- Query the OSV database for a package and return the CVE IDs.
- Input parameters:
package(string, required): The package name to queryversion(string, optional): The version of the package to query. If not specified, queries all versionsecosystem(string, optional): The ecosystem of the package. Defaults to “PyPI” for Python packages
- Returns a list of CVE IDs with their details
query_for_cve_affected
- Query the OSV database for a CVE and return all affected versions.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., “CVE-2018-1000805”)
- Returns a list of affected version strings
query_for_cve_fix_versions
- Query the OSV database for a CVE and return all versions that fix the vulnerability.
- Input parameters:
cve(string, required): The CVE ID to query (e.g., “CVE-2018-1000805”)
- Returns a list of fixed version strings
Installation
Installing via Smithery
To install OSV Database API Server for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install @EdenYavin/OSV-MCP --client claude
OSV Database API Server
Project Details
- EdenYavin/OSV-MCP
- MIT License
- Last Updated: 4/14/2025
Recomended MCP Servers
The Ultimate Model Context Protocol (MCP) Server, providing unified access to a wide variety of useful and powerful...
Connect your Pinecone projects to Cursor, Claude, and other AI assistants
BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active...
DeepView MCP is a Model Context Protocol server that enables IDEs like Cursor and Windsurf to analyze large...
A file server that supports static serving, uploading, searching, accessing control, webdav...
Academic Paper Search MCP Server for Claude Desktop integration. Allows Claude to access data from Semantic Scholar and...
特定のWeb APIに関するBaselineの状況を提供するModel Context Protocolサーバー
🤖 功能丰富的微信机器人框架 | AI对话、对接Dify、积分系统、游戏互动、每日新闻、天气查询 | 非Hook非Web实现 | 支持 Windows✅ Linux✅ MacOS✅ | 全新架构解决XYBot第一代痛点!
Model Context Protocol server for Google Analytics, enabling LLMs to fetch and analyze web analytics data
Featured Templates
View More
