osv

Local
Community
26
Signed
GitHub Repo

Overview

OSV (Open Source Vulnerabilities) database access for querying package and commit vulnerabilities

Transport

streamable-http

Tools

  • query_vulnerabilities_batch
  • query_vulnerability
  • get_vulnerability

Key Capabilities

  • Comprehensive vulnerability database access with OSV.dev integration
  • Query vulnerabilities by package name, version, and commit hash
  • Streamable HTTP transport for efficient real-time vulnerability data streaming
  • Integration with OSV.dev API for comprehensive security scanning across ecosystems

How It Works

Check out our OSV MCP server guide.

The server provides MCP-based access to the OSV vulnerability database through:

  1. Direct API queries to OSV.dev for vulnerability lookups by package name, version, or commit hash
  2. Batch vulnerability queries supporting multiple packages in a single request
  3. Detailed vulnerability information retrieval including CVE IDs, severity scores, and affected versions
  4. Ecosystem-specific vulnerability tracking across multiple programming languages and package managers