Skip to content

spupuz/VibeNVR

v1.20.1 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 3mo Media Servers
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ffmpeg lightweight local-storage nvr opensource privacy
+1 more
video-surveillance

Affected surfaces

auth

Summary

AI summary

Fixed Live View authentication error on HTTP installations by including credentials in frame polling requests.

Full changelog

Full Changelog: https://github.com/spupuz/VibeNVR/compare/v1.20.0...v1.20.1

🐛 Bug Fixes

  • Live View AUTH ERROR on HTTP installations — The camera frame polling requests were missing credentials: 'include', which prevented the browser from sending the media_token HttpOnly cookie. This caused persistent 401 Unauthorized errors and the "AUTHENTICATION ERROR / INVALID PASSWORD" overlay on all cameras when accessing VibeNVR over plain HTTP (local LAN without a reverse proxy). HTTPS installations were generally unaffected.

📦 What Changed

| File | Change |
|------|--------|
| frontend/src/pages/LiveView.jsx | Added credentials: 'include' to frame fetch |
| frontend/package.json | Version bump 1.20.01.20.1 |
| backend/package.json | Version bump 1.20.01.20.1 |

⬆️ How to Update

docker compose -f docker-compose.prod.yml pull
docker compose -f docker-compose.prod.yml down
docker compose -f docker-compose.prod.yml up -d

No .env changes required for this update.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track spupuz/VibeNVR

Get notified when new releases ship.

Sign up free

About spupuz/VibeNVR

All releases →

Related context

Earlier breaking changes

  • v1.28.3 Must update docker-compose.yml with TZ variable for all services

Beta — feedback welcome: [email protected]