Enterprise DNA
M MCP Servers Developer low

toan203/osv-ui

by Various

A beautiful, zero-config visual CVE dashboard for npm & Python. One command: npx osv-ui. 100% Local & Secure.

T

MCP

toan203/osv-ui

Added 1 June 2026

#audit-source #cve #cve-mcp #cve-scanner-dashboard #cve-scanner-ui #cve-scanning #cve-search #cybersecurity

Overview

A zero-config local dashboard that scans npm and Python dependencies for known CVEs using the OSV API. Run one command (npx osv-ui) to get a visual report of vulnerabilities without sending data to external servers.

Best for

Best for
Developers who want a quick, private, visual CVE scan for npm or Python projects without adding a CI step.

Use cases

  • Audit npm dependencies for CVEs before a release
  • Check Python package vulnerabilities in a local project
  • Quickly visualize security issues without configuring a CI pipeline

How to use

Install

npx osv-ui

Tested with

Claude Desktop, Cursor, Claude Code

Example client config

{\n  "mcpServers": {\n    "osv-ui": {\n      "command": "npx",\n      "args": ["-y", "osv-ui-mcp"]\n    }\n  }\n}

Notes

A zero-config local dashboard that scans npm and Python dependencies for known CVEs using the OSV API. Run one command (npx osv-ui) to get a visual report of vulnerabilities without sending data to external servers.

4 stars on GitHub. Last updated 2026-03-24. Licensed MIT.

Use cases

  • Audit npm dependencies for CVEs before a release
  • Check Python package vulnerabilities in a local project
  • Quickly visualize security issues without configuring a CI pipeline

Pros

  • Zero setup: one command runs the full scan
  • 100% local processing keeps dependency data private
  • Clean visual dashboard for browsing vulnerabilities

Cons

  • Limited to npm and Python ecosystems only
  • Relies on the OSV API which may have rate limits or latency
  • No automated remediation or fix suggestions

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.

Pros

  • Zero setup: one command runs the full scan
  • 100% local processing keeps dependency data private
  • Clean visual dashboard for browsing vulnerabilities

Cons

  • Limited to npm and Python ecosystems only
  • Relies on the OSV API which may have rate limits or latency
  • No automated remediation or fix suggestions
Free 27-page guide

Get the free Developer’s Field Guide

A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.

Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.

No spam. Unsubscribe any time.

Running a business, not writing the code? See the MCP servers picked for operators, and get your first one wired up with us.

Operator picks