AIBase
EN
Explore
OSV MCP
O

OSV MCP

A lightweight MCP server for querying software package vulnerability information in the OSV database.
SecurityDeveloper tools#Vulnerability Query#CVE Analysis#Security Tool.Python
2 points
8.7K
Open Site

Overview

Installation

Content Details

Alternatives

What is the OSV MCP Server?

The OSV MCP Server is a lightweight tool based on the Model Context Protocol (MCP) for querying vulnerability information in the OSV (Open Source Vulnerabilities) database. It helps developers quickly understand the impact scope of specific software packages or vulnerabilities.

How to use the OSV MCP Server?

Through simple command - line operations, you can easily query the vulnerability list of software packages, the affected versions or fixed versions of specific vulnerabilities. Just install and run the server to start using it.

Applicable Scenarios

Suitable for development teams to integrate security checks into the CI/CD process, or for individual developers to quickly assess the security of dependencies during project maintenance.

Main Features

Query vulnerabilities of a software package
Enter the name or version of a software package to get all vulnerability IDs and their details of the package.
Query the affected versions of a vulnerability
Enter a vulnerability ID to get the list of affected software versions.
Query the fixed versions of a vulnerability
Enter a vulnerability ID to get the software versions that have fixed this vulnerability.
Query supported ecosystems
Get all ecosystems supported by the current server and their corresponding programming languages or operating systems.
Advantages
Quickly locate vulnerability information of software packages
Support multiple ecosystems with strong scalability
Easy to integrate into existing workflows
Limitations
Requires Python 3.11 or higher
Has certain dependence on the network environment

How to Use

Install the OSV MCP Server
Ensure that your system has Python 3.11 or higher installed, and then install the server via pip.
Start the server
After entering the server directory, run the following command to start the service.
Execute queries
Use the provided command - line tools to perform vulnerability queries.

Usage Examples

Query vulnerabilities of the numpy software package
Enter numpy as the software package name to get all its vulnerability IDs.
Query the affected versions of the Log4j vulnerability
Enter CVE - 2021 - 44228 to view the affected versions.

Frequently Asked Questions

How to install the OSV MCP Server?
Which ecosystems are supported?
What should I do if I encounter a network connection failure?

Related Resources

GitHub Repository
The official GitHub repository containing source code and documentation.
VibeApp Reviews
User reviews and feedback.

Installation

Copy the following command to your Client for configuration
{
  "mcpServers": {
    "osv-mcp": {
      "command": "uv",
      "args": ["--directory", "path-to/OSV-MCP", "run", "osv-server"],
      "env": {}
    }
  }
}
Note: Your key is sensitive information, do not share it with anyone.

Alternatives

V
Vestige
Vestige is an AI memory engine based on cognitive science. By implementing 29 neuroscience modules such as prediction error gating, FSRS - 6 spaced repetition, and memory dreaming, it provides long - term memory capabilities for AI. It includes a 3D visualization dashboard and 21 MCP tools, runs completely locally, and does not require the cloud.
Rust
4.8K
4.5 points
M
Moltbrain
MoltBrain is a long-term memory layer plugin designed for OpenClaw, MoltBook, and Claude Code, capable of automatically learning and recalling project context, providing intelligent search, observation recording, analysis statistics, and persistent storage functions.
TypeScript
5.4K
4.5 points
B
Bm.md
A feature-rich Markdown typesetting tool that supports multiple style themes and platform adaptation, providing real-time editing preview, image export, and API integration capabilities
TypeScript
4.9K
5 points
S
Security Detections MCP
Security Detections MCP is a server based on the Model Context Protocol that allows LLMs to query a unified security detection rule database covering Sigma, Splunk ESCU, Elastic, and KQL formats. The latest version 3.0 is upgraded to an autonomous detection engineering platform that can automatically extract TTPs from threat intelligence, analyze coverage gaps, generate SIEM-native format detection rules, run tests, and verify. The project includes over 71 tools, 11 pre-built workflow prompts, and a knowledge graph system, supporting multiple SIEM platforms.
TypeScript
6.2K
4 points
P
Paperbanana
Python
7.4K
5 points
B
Better Icons
An MCP server and CLI tool that provides search and retrieval of over 200,000 icons, supports more than 150 icon libraries, and helps AI assistants and developers quickly obtain and use icons.
TypeScript
6.0K
4.5 points
A
Assistant Ui
assistant - ui is an open - source TypeScript/React library for quickly building production - grade AI chat interfaces, providing composable UI components, streaming responses, accessibility, etc., and supporting multiple AI backends and models.
TypeScript
6.7K
5 points
A
Apify MCP Server
The Apify MCP Server is a tool based on the Model Context Protocol (MCP) that allows AI assistants to extract data from websites such as social media, search engines, and e-commerce through thousands of ready-to-use crawlers, scrapers, and automation tools (Apify Actors). It supports OAuth and Skyfire proxy payment and can be integrated into MCP clients such as Claude and VS Code through HTTPS endpoints or local stdio.
TypeScript
7.7K
5 points
N
Notion Api MCP
Certified
A Python-based MCP Server that provides advanced to-do list management and content organization functions through the Notion API, enabling seamless integration between AI models and Notion.
Python
21.5K
4.5 points
M
Markdownify MCP
Markdownify is a multi-functional file conversion service that supports converting multiple formats such as PDFs, images, audio, and web page content into Markdown format.
TypeScript
34.5K
5 points
G
Gitlab MCP Server
Certified
The GitLab MCP server is a project based on the Model Context Protocol that provides a comprehensive toolset for interacting with GitLab accounts, including code review, merge request management, CI/CD configuration, and other functions.
TypeScript
24.7K
4.3 points
D
Duckduckgo MCP Server
Certified
The DuckDuckGo Search MCP Server provides web search and content scraping services for LLMs such as Claude.
Python
72.5K
4.3 points
F
Figma Context MCP
Framelink Figma MCP Server is a server that provides access to Figma design data for AI programming tools (such as Cursor). By simplifying the Figma API response, it helps AI more accurately achieve one - click conversion from design to code.
TypeScript
64.6K
4.5 points
U
Unity
Certified
UnityMCP is a Unity editor plugin that implements the Model Context Protocol (MCP), providing seamless integration between Unity and AI assistants, including real - time state monitoring, remote command execution, and log functions.
C#
32.3K
5 points
M
Minimax MCP Server
The MiniMax Model Context Protocol (MCP) is an official server that supports interaction with powerful text-to-speech, video/image generation APIs, and is suitable for various client tools such as Claude Desktop and Cursor.
Python
49.3K
4.8 points
G
Gmail MCP Server
A Gmail automatic authentication MCP server designed for Claude Desktop, supporting Gmail management through natural language interaction, including complete functions such as sending emails, label management, and batch operations.
TypeScript
21.1K
4.5 points
AIBase
Zhiqi Future, Your AI Solution Think Tank
English简体中文繁體中文にほんご
© 2026AIBase