spupuz/VibeNVR

v1.25.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo Media Servers

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ffmpeg lightweight local-storage nvr opensource privacy

+1 more

video-surveillance

Affected surfaces

auth rbac

Summary

AI summary

Backup Manager introduced to automatically export all system configurations including API tokens and recovery codes.

Full changelog

Full Changelog: https://github.com/spupuz/VibeNVR/compare/v1.5.2...v1.25.0

🚀 VibeNVR Release v1.25.0

📝 Summary

VibeNVR v1.25.0 is a landmark release focusing on extreme modularity, security-first architecture, and enhanced data resilience. This version successfully de-monolithizes the core engine and frontend, introducing a robust backup system and passing a rigorous 60-point Deep Assurance security suite.

🛠️ Key Improvements

🚀 Core Componentry: Successfully decomposed monolithic Cameras.jsx, Settings.jsx, and camera_thread.py into over 20 cohesive modules, dramatically improving maintainability and LOC policy compliance.
🛡️ Security & Sanitization: Implemented deep log and URL sanitization across the engine and backend. Verified RBAC isolation, 2FA enforcement, and Path Traversal guards.
💾 Resilient Backups: Introduced a feature-rich Backup Manager supporting automatic and manual exports of all system configurations, including API tokens and recovery codes.
🎨 UX Refinement: Redesigned the Settings interface with dedicated tabs for General, LiveView, Storage, and User Management.
📖 Documentation: Finalized the Relative Path Policy and fully synchronized the project Wiki with the latest architectural changes.