spupuz/VibeNVR

v1.23.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo Media Servers

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ffmpeg lightweight local-storage nvr opensource privacy

+1 more

video-surveillance

Affected surfaces

auth rce_ssrf

Summary

AI summary

Multiple Storage Profiles feature enables advanced storage management with per-profile quotas and dynamic routing.

Full changelog

Full Changelog: https://github.com/spupuz/VibeNVR/compare/v1.22.3...v1.23.0

🚀 Release v1.23.0

📝 Summary

This release introduces the highly requested Multiple Storage Profiles feature, enabling advanced storage management for professional surveillance setups. Users can now map specific cameras to different host volumes (e.g., SSDs for motion events or NAS for long-term storage) with independent quota enforcement and automated cleanup policies.

🛠️ Key Improvements

💾 Storage Profiles: Dedicated management UI to create and configure custom storage locations with absolute path validation and path traversal protection.
🎯 Advanced Quotas: Profile-level storage limits that automatically purge the oldest recordings across all assigned cameras when capacity is reached.
📁 Dynamic Routing: The VibeEngine now dynamically resolves and redirects write streams based on the assigned storage profile in real-time.
🛡️ Security Guards: Enhanced path validation prevents unauthorized local file access or traversal attacks via storage configurations.
📱 Responsive UI: Polished storage management dashboard with refined mobile stacking and element visibility.
🔄 Persistence: Full support for storage profiles in system backups, camera imports, and "Copy Settings" operations.
🐛 Stability: Fixed a critical DetachedInstanceError during camera/profile deletion to ensure smooth API responses.