%20--%3e%3cdefs%3e%3cstyle%3e%20.st0%20{%20fill:%20%23061b40;%20}%20.st1%20{%20fill:%20%23306af1;%20}%20.st2%20{%20fill:%20%235ce5cf;%20}%20%3c/style%3e%3c/defs%3e%3cg%3e%3cpath%20class='st0'%20d='M55,10.5h9v3h-9v9h12V7.5h-12v3ZM64,19.5h-6v-3h6v3Z'/%3e%3cpolygon%20class='st0'%20points='69%2016.5%2078%2016.5%2078%2019.5%2069%2019.5%2069%2022.5%2081%2022.5%2081%2013.5%2072%2013.5%2072%2010.5%2081%2010.5%2081%207.5%2069%207.5%2069%2016.5'/%3e%3cpolygon%20class='st0'%20points='95%2010.5%2095%207.5%2083%207.5%2083%2022.5%2095%2022.5%2095%2019.5%2086%2019.5%2086%2016.5%2095%2016.5%2095%2013.5%2086%2013.5%2086%2010.5%2095%2010.5'/%3e%3cpath%20class='st0'%20d='M40,1.5v21h11.6l1.4-1.4v-7.6h0c0,0-1.4-1.5-1.4-1.5l1.4-1.4V2.9l-1.4-1.4h-11.6ZM50,19.5h-7v-6h7v6ZM50,10.5h-7v-6h7v6Z'/%3e%3c/g%3e%3cpath%20class='st1'%20d='M23.1,24L14.7,4.8l-4.9,11.2h3.8l-1.8,4H3.3L12.1,0H2C.9,0,0,.9,0,2v20c0,1.1.9,2,2,2h21.1Z'/%3e%3cpath%20class='st2'%20d='M34,0h-16.8l10.6,24h6.2c1.1,0,2-.9,2-2V2C36,.9,35.1,0,34,0ZM32.5,20h-4V4h4v16Z'/%3e%3c/svg%3e)
OSV MCP
A lightweight MCP server for querying software package vulnerability information in the OSV database.
rating : 2 points
downloads : 7.4K
What is the OSV MCP Server?
The OSV MCP Server is a lightweight tool based on the Model Context Protocol (MCP) for querying vulnerability information in the OSV (Open Source Vulnerabilities) database. It helps developers quickly understand the impact scope of specific software packages or vulnerabilities.How to use the OSV MCP Server?
Through simple command - line operations, you can easily query the vulnerability list of software packages, the affected versions or fixed versions of specific vulnerabilities. Just install and run the server to start using it.Applicable Scenarios
Suitable for development teams to integrate security checks into the CI/CD process, or for individual developers to quickly assess the security of dependencies during project maintenance.Main Features
Query vulnerabilities of a software package
Enter the name or version of a software package to get all vulnerability IDs and their details of the package.
Query the affected versions of a vulnerability
Enter a vulnerability ID to get the list of affected software versions.
Query the fixed versions of a vulnerability
Enter a vulnerability ID to get the software versions that have fixed this vulnerability.
Query supported ecosystems
Get all ecosystems supported by the current server and their corresponding programming languages or operating systems.
Advantages
Quickly locate vulnerability information of software packages
Support multiple ecosystems with strong scalability
Easy to integrate into existing workflows
Limitations
Requires Python 3.11 or higher
Has certain dependence on the network environment
How to Use
Install the OSV MCP Server
Ensure that your system has Python 3.11 or higher installed, and then install the server via pip.
%20--%3e%3cdefs%3e%3cstyle%3e%20.st0%20{%20fill:%20%230080ff;%20}%20%3c/style%3e%3c/defs%3e%3cpath%20class='st0'%20d='M16.2,11.1c.4.5.4,1.2,0,1.8l-4.7,7.1h-3.8l5.3-8L7.6,4h3.8l4.7,7.1Z'/%3e%3c/svg%3e)
Start the server
After entering the server directory, run the following command to start the service.
Execute queries
Use the provided command - line tools to perform vulnerability queries.
Usage Examples
Query vulnerabilities of the numpy software package
Enter numpy as the software package name to get all its vulnerability IDs.
Query the affected versions of the Log4j vulnerability
Enter CVE - 2021 - 44228 to view the affected versions.
Frequently Asked Questions
How to install the OSV MCP Server?
Which ecosystems are supported?
What should I do if I encounter a network connection failure?
Related Resources
GitHub Repository
The official GitHub repository containing source code and documentation.
VibeApp Reviews
User reviews and feedback.
Gitlab MCP Server
Certified
The GitLab MCP server is a project based on the Model Context Protocol that provides a comprehensive toolset for interacting with GitLab accounts, including code review, merge request management, CI/CD configuration, and other functions.
TypeScript
16.6K
4.3 points
Notion Api MCP
Certified
A Python-based MCP Server that provides advanced to-do list management and content organization functions through the Notion API, enabling seamless integration between AI models and Notion.
Python
14.8K
4.5 points
Markdownify MCP
Markdownify is a multi-functional file conversion service that supports converting multiple formats such as PDFs, images, audio, and web page content into Markdown format.
TypeScript
24.5K
5 points
Duckduckgo MCP Server
Certified
The DuckDuckGo Search MCP Server provides web search and content scraping services for LLMs such as Claude.
Python
44.7K
4.3 points
Unity
Certified
UnityMCP is a Unity editor plugin that implements the Model Context Protocol (MCP), providing seamless integration between Unity and AI assistants, including real - time state monitoring, remote command execution, and log functions.
C#
20.2K
5 points
Figma Context MCP
Framelink Figma MCP Server is a server that provides access to Figma design data for AI programming tools (such as Cursor). By simplifying the Figma API response, it helps AI more accurately achieve one - click conversion from design to code.
TypeScript
44.3K
4.5 points
Minimax MCP Server
The MiniMax Model Context Protocol (MCP) is an official server that supports interaction with powerful text-to-speech, video/image generation APIs, and is suitable for various client tools such as Claude Desktop and Cursor.
Python
30.2K
4.8 points
Gmail MCP Server
A Gmail automatic authentication MCP server designed for Claude Desktop, supporting Gmail management through natural language interaction, including complete functions such as sending emails, label management, and batch operations.
TypeScript
15.8K
4.5 points