github prefect421/mvidarr v0.11.9
v0.11.9 - Security Updates, Video Quality & Discovery Fix
on GitHub

7 hours ago

🔒 Security Updates (11 CVEs Fixed)

Package Update CVE
python-multipart 0.0.20 → 0.0.22 CVE-2026-24486 (path traversal)
urllib3 2.6.0 → 2.6.3 CVE-2026-21441 (decompression-bomb bypass)
aiohttp 3.12.14 → 3.13.3 CVE-2025-69223/24/25/26/27/28/29/30 (zip bomb + DoS)
werkzeug 3.1.4 → 3.1.5 CVE-2026-21860 (Windows device names bypass)

🎬 Video Quality Fix

  • Format Sorting: Added -S flag to yt-dlp to prioritize resolution over bitrate
  • User Settings Respected: Downloads now honor your max_video_quality database setting
  • TV Client Fallback: Falls back to web client for more format options
  • No More 360p: Videos now download at the quality you expect

🔍 YouTube Discovery Fix

  • API Key Caching Bug Fixed: Empty API key was being cached forever, causing discovery to return 0 results
  • Settings Updates Work: Changing YouTube API key in Settings now takes effect immediately
  • Cache Invalidation: Bumped cache version to clear any stale empty results

📦 Upgrade Notes

  • Docker image rebuild required for security updates
  • Server restart required for discovery fix to take effect
  • Video downloads will now respect format sorting for better quality

🐳 Docker

docker pull ghcr.io/prefect421/mvidarr:v0.11.9
docker pull ghcr.io/prefect421/mvidarr:latest

Full Changelog: v0.11.8...v0.11.9

Check out latest releases or
releases around prefect421/mvidarr v0.11.9

Don't miss a new mvidarr release

NewReleases is sending notifications on new releases.

Get notifications