Security
Securing agent workflows, outputs, and infrastructure
OpenClaw v2026.5.12-beta.2 releases critical fixes and enhancements across authentication, provider streams, memory management, and UI/UX. Key improvements include auth-profile-backed media tools availability, subagent session visualization, error handling in auto-reply, and provider stream reliability. The release also upgrades to pnpm 11, adds per-agent tool policies, expands Slack/Gemini/Fal provider support, and strengthens TypeScript/linting standards.
OpenClaw v2026.5.12-beta.3 is a maintenance release addressing authentication, provider compatibility, and UI improvements. Key fixes include auth-profile-backed media tools availability, WhatsApp/Baileys dependency resolution, memory-wiki permission scoping, and provider stream handling. The release introduces per-agent tool policies, improved subagent session visualization, better error messaging, and expanded configuration options for Slack, Google Gemini, and local model providers.
OpenClaw v2026.5.12-beta.1 is a maintenance and feature release addressing security, UI/UX, and provider integrations. Key improvements include memory-wiki admin scope requirements, subagent session hierarchy visualization, Gemini 3 model normalization, enhanced tool policies, and expanded Slack/iMessage channel support. The release also upgrades build infrastructure to pnpm 11 and refines plugin SDK public APIs.
langchain-core version 1.4.0 release includes numerous bug fixes, performance improvements, and feature additions across the LangChain core library. Key updates involve hardening security (SSRF protections, deserialization safety), improving streaming with content-block-centric v2 support, enhancing tracer metadata handling, and updating dependencies. The release notes span from version 0.3.86 through 1.4.0, with multiple intermediate releases (1.2.x, 1.3.x series) containing incremental improvements to tool handling, token counting, and model integrations.
Claude Code v2.1.136 is a maintenance release focused on stability and bug fixes across multiple platforms. Key improvements include fixes for MCP server persistence, OAuth token handling, extended thinking compatibility, and numerous UI/UX refinements in the VS Code extension and JetBrains plugin. The release addresses critical issues with file picker matching, dialog rendering, terminal output formatting, and plugin management while enhancing visual consistency and keyboard navigation.
OpenAI Agents Python SDK v0.17.0 introduces gpt-realtime-2 as the default model for RealtimeAgents and implements a critical security fix for sandbox local source materialization. The update constrains local artifact sources to remain within the SDK process base directory unless explicitly granted via SandboxPathGrant, closing a local artifact boundary vulnerability. Applications relying on copying trusted files from outside the base directory must now explicitly grant those paths at the manifest level.
Claude Code v2.1.133 introduces enhanced worktree configuration with `worktree.baseRef` settings, improved sandbox path management for Linux/WSL, and critical fixes for parallel sessions, proxy handling, and effort level synchronization. The release addresses memory efficiency, credential management, and cross-session consistency issues while improving focus mode behavior and MCP OAuth flow support.
LangChain Core version 0.3.86 has been released with a critical security fix. This patch backports a path-traversal vulnerability fix (CVE-2026-34070, GHSA-qh6h-p6c9-ff54) to the v0.3 branch. Users should upgrade immediately to address the security issue.
OpenClaw v2026.5.7 is a maintenance release focused on stability, security, and reliability improvements across plugin publishing, CLI tools, authentication, and multi-channel integrations. Key fixes address cron job persistence, Discord/Telegram/WhatsApp message routing, OAuth recovery, permission enforcement, and context caching issues. The release includes enhancements to CLI output formatting, voice capture quality, and error handling to prevent partial publishes and stale session states.
OpenClaw v2026.5.6 addresses critical OAuth routing issues, plugin fetch header handling, and debug proxy normalization. The release reverts a problematic repair from v2026.5.5 that incorrectly rewrote OpenAI Codex OAuth routes, which could break GPT-5.5 setups. Additional fixes improve fetch request handling across plugins, debug proxies, and web requests to prevent symbol metadata rejection and resource cleanup issues.
OpenClaw v2026.5.5 is a maintenance release focused on fixing critical bugs across multiple messaging platforms (Feishu, LINE, Telegram, Discord, Matrix, Slack), improving control UI responsiveness and session management, resolving provider integration issues (xAI/Grok, Fireworks), and enhancing diagnostic tools. Key improvements include fixing message routing, webhook validation, tool progress rendering, approval delivery retries, and heartbeat timeout handling. The release also addresses plugin management, media handling, and gateway stability issues.
OpenAI Agents Python v0.15.2 introduces context management model settings and fixes critical issues with conversation session replay, tool execution, and error handling. The release includes 11 bug fixes addressing assistant conversation item IDs, function tool tracing, MCP tool metadata isolation, and stream terminal rejection. Comprehensive test coverage improvements ensure reliability across realtime tool behaviors, handoff mechanisms, and tool identity helpers.
LangChain version 0.3.29 was released with critical security improvements. The release includes fixes to restrict deserialization in the langchain.storage._lc_store module and hardening of the load() function against untrusted manifests. These changes improve the security posture of the framework by preventing potential deserialization attacks and manifest injection vulnerabilities.
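The LangChain 0.3.29 and langchain-core 1.4.0 entries above both describe the same hardening pattern: a manifest loader that only constructs objects whose identifiers are on an explicit allowlist and never embeds secrets in the manifest itself. The block below is an added example, not LangChain's load() or any code from the project. It uses the manifest shape LangChain serializes ({"lc": 1, "type": "constructor", "id": [...], "kwargs": {...}} and {"lc": 1, "type": "secret", "id": [...]}), but the REGISTRY, the "demo" identifiers, the two dataclasses and the UnsafeManifest exception are hypothetical names chosen for illustration. The manifests in demo() are constructed inline so the block runs offline.

```python
"""Allowlisted manifest deserialization (added example; registry and ids are hypothetical)."""
from dataclasses import dataclass
from typing import Any, Dict, Iterable, Optional, Tuple

Ident = Tuple[str, ...]


@dataclass
class PromptTemplate:            # hypothetical serializable class
    template: str
    input_variables: list


@dataclass
class ApiClient:                 # hypothetical class that needs a secret
    api_key: str


# Hypothetical registry: the only classes this loader can ever construct.
REGISTRY: Dict[Ident, type] = {
    ("demo", "prompts", "PromptTemplate"): PromptTemplate,
    ("demo", "clients", "ApiClient"): ApiClient,
}

MAX_DEPTH = 32                   # guards against deeply nested manifests


class UnsafeManifest(ValueError):
    """Raised when a manifest asks for something the caller did not allow."""


def load(obj: Any, *, allowed_ids: Iterable[Ident],
         secrets_map: Optional[Dict[str, str]] = None, _depth: int = 0) -> Any:
    """Rebuild an object from a manifest, refusing anything outside the allowlist."""
    allowed = set(allowed_ids)
    if _depth > MAX_DEPTH:
        raise UnsafeManifest("nesting too deep")
    rec = lambda v: load(v, allowed_ids=allowed, secrets_map=secrets_map, _depth=_depth + 1)
    if isinstance(obj, list):
        return [rec(v) for v in obj]
    if not isinstance(obj, dict):
        return obj                                   # str/int/bool/None pass through
    if obj.get("lc") != 1:
        return {k: rec(v) for k, v in obj.items()}   # plain dict, no construction
    kind = obj.get("type")
    ident: Ident = tuple(obj.get("id", ()))
    if kind == "secret":
        # Secrets are resolved from the caller's map, never read from the manifest.
        if not ident or secrets_map is None or ident[0] not in secrets_map:
            raise UnsafeManifest(f"secret {ident!r} not provided by caller")
        return secrets_map[ident[0]]
    if kind == "constructor":
        # Allowlist first, registry second: a registered class is still refused
        # unless this particular caller opted in to it.
        if ident not in allowed or ident not in REGISTRY:
            raise UnsafeManifest(f"constructor {ident!r} not allowlisted")
        kwargs = {k: rec(v) for k, v in obj.get("kwargs", {}).items()}
        return REGISTRY[ident](**kwargs)
    raise UnsafeManifest(f"unsupported node type {kind!r}")


def demo() -> Dict[str, Any]:
    """Constructed manifests: one benign, one over-privileged, one malformed."""
    only_prompts = [("demo", "prompts", "PromptTemplate")]
    benign = {"lc": 1, "type": "constructor", "id": ["demo", "prompts", "PromptTemplate"],
              "kwargs": {"template": "Hello {name}", "input_variables": ["name"]}}
    # Registered, but not on this caller's allowlist: must be refused.
    client = {"lc": 1, "type": "constructor", "id": ["demo", "clients", "ApiClient"],
              "kwargs": {"api_key": {"lc": 1, "type": "secret", "id": ["DEMO_API_KEY"]}}}
    # Unknown node type (e.g. something an attacker hopes maps to arbitrary code).
    bogus = {"lc": 1, "type": "not_implemented", "id": ["os", "system"], "kwargs": {}}
    out: Dict[str, Any] = {"prompt": load(benign, allowed_ids=only_prompts)}
    for name, manifest in (("rejected_constructor", client), ("rejected_type", bogus)):
        try:
            load(manifest, allowed_ids=only_prompts)
            out[name] = "ACCEPTED"
        except UnsafeManifest as exc:
            out[name] = str(exc)
    # Same client manifest, now explicitly allowed and with the secret supplied.
    out["client"] = load(client, allowed_ids=only_prompts + [("demo", "clients", "ApiClient")],
                         secrets_map={"DEMO_API_KEY": "k-123"})
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The design point is that the allowlist is supplied per call rather than baked into the registry, so a loader that handles untrusted manifests from one source can be narrower than one used on operator-controlled files, and a secret only ever comes from the caller's map.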
This cookbook demonstrates building a vulnerability-discovery agent using the Claude Agent SDK that automatically threat-models C source code, hunts memory-safety bugs using built-in file tools (Read, Grep, Glob), and generates structured security reports. The agent operates in a multi-turn session with a bootstrap threat-modeling phase, an interview phase for owner input, and automated vulnerability finding and triage loops. The approach reduces false positives compared to traditional static analyzers by using Claude's reasoning to identify high-confidence memory-safety issues in a read-only sandbox environment.
OpenClaw v2026.5.4-beta.2 introduces significant improvements to voice call integration with Google Meet/Twilio, enhanced plugin management with better migration hints and metadata caching, and substantial performance optimizations across the gateway and control UI. Key updates include Gemini voice bridge streaming for Meet participants, plugin auto-enablement refinements, secrets handling improvements, and comprehensive performance enhancements reducing startup overhead. The release also adds diagnostic tooling for QA testing and improves developer experience with better error handling and logging.
OpenClaw v2026.5.3-1 is a hotfix release for the npm core package addressing a security scanner issue. The fix prevents the install scanner from incorrectly blocking official bundled plugin packages when process.env access and API calls appear in different sections of the compiled bundle. The updated package is published on the beta dist-tag for testing before stable release.
OpenClaw v2026.5.3 introduces a bundled file-transfer plugin with secure binary file operations, hardens plugin installation workflows, and optimizes Gateway startup performance through lazy-loading. The release improves channel reliability across Discord, WhatsApp, Telegram, and other platforms, adds new agent steering commands, and fixes critical issues in realtime transcription, plugin updates, and systemd secret management.
OpenClaw v2026.5.3-beta.3 introduces a bundled file-transfer plugin with secure binary file operations, hardens plugin installation workflows, and optimizes Gateway performance through lazy-loading. Major improvements include enhanced channel support (WhatsApp, Discord, Telegram), improved agent runtime reliability, and numerous fixes for edge cases in streaming, transcription, and configuration management. The release emphasizes security (default-deny policies, symlink traversal protection), performance (startup optimization, hot-path trimming), and operational robustness (doctor command enhancements, state recovery).
OpenClaw v2026.5.3-beta.2 introduces a bundled file-transfer plugin with secure binary file operations, hardens plugin installation and updates, and improves gateway performance through lazy-loading. The release enhances channel reliability across Discord, WhatsApp, Telegram, and other platforms, while fixing critical issues in agent runtime, memory status reporting, and macOS upgrades. Key improvements focus on security (path policies, symlink traversal), performance (startup optimization), and reliability (streamed replies, session recovery).
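Four entries in this feed turn on the same check: the OpenAI Agents SDK v0.17.0 fix (local artifact sources confined to the base directory unless a grant says otherwise), the langchain-core 0.3.86 path-traversal backport, and the symlink-traversal protection in the OpenClaw v2026.5.3 betas. The block below is an added example of that check and is not code from any of those projects. PathGrant and PathBoundaryError are hypothetical names (the SDK's own type is called SandboxPathGrant, but its fields and behaviour are not shown on this page, so nothing here should be read as its API). The temporary directory tree in demo() is constructed by the example itself; it assumes a POSIX filesystem where os.symlink works.

```python
"""Confine file sources to a base directory plus explicit grants (added example)."""
import os
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, Iterable, Union


@dataclass(frozen=True)
class PathGrant:
    """Hypothetical explicit grant: a directory outside the base that may be read."""
    root: Path


class PathBoundaryError(PermissionError):
    """Hypothetical error: the requested path resolves outside every allowed root."""


def _is_within(child: Path, parent: Path) -> bool:
    # Component-wise containment: /tmp/base2/x is NOT within /tmp/base,
    # which a naive str.startswith() check would get wrong.
    try:
        child.relative_to(parent)
        return True
    except ValueError:
        return False


def resolve_source(base_dir: Union[str, Path], requested: Union[str, Path],
                   grants: Iterable[PathGrant] = ()) -> Path:
    """Return the real path for `requested`, or raise if it escapes base and grants."""
    base = Path(base_dir).resolve(strict=True)
    candidate = Path(requested)
    if not candidate.is_absolute():
        candidate = base / candidate
    # Resolve symlinks before checking: a link that lives inside base but points
    # outside it is judged by where it actually leads, not by its lexical name.
    real = candidate.resolve(strict=False)
    roots = [base] + [Path(g.root).resolve(strict=True) for g in grants]
    for root in roots:
        if _is_within(real, root):
            return real
    raise PathBoundaryError(f"{requested!s} resolves to {real} outside {roots}")


def _denied(base: Path, requested: str, grants: Iterable[PathGrant] = ()) -> bool:
    try:
        resolve_source(base, requested, grants)
        return False
    except PathBoundaryError:
        return True


def demo() -> Dict[str, bool]:
    """Constructed tree: base/a.txt, base/link -> outside/secret.txt, outside/secret.txt."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp_path = Path(tmp).resolve()          # e.g. macOS /var -> /private/var
        base, outside = tmp_path / "base", tmp_path / "outside"
        base.mkdir()
        outside.mkdir()
        (base / "a.txt").write_text("ok")
        (outside / "secret.txt").write_text("secret")
        os.symlink(outside / "secret.txt", base / "link")
        grant = PathGrant(root=outside)
        return {
            # Ordinary file under the base directory: allowed.
            "inside_ok": resolve_source(base, "a.txt") == base / "a.txt",
            # Classic traversal via ..: denied.
            "dotdot_denied": _denied(base, "../outside/secret.txt"),
            # Symlink inside base pointing outside: denied after resolution.
            "symlink_denied": _denied(base, "link"),
            # Absolute path outside base: denied.
            "absolute_denied": _denied(base, str(outside / "secret.txt")),
            # Sibling directory sharing the base's name as a prefix: denied.
            "prefix_denied": _denied(base, str(tmp_path / "base2" / "x")),
            # Same outside file, now covered by an explicit grant: allowed.
            "granted_ok": resolve_source(base, "link", [grant]) == outside / "secret.txt",
        }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The two checks a reviewer should look for in any such fix are both present here: resolution of symlinks before the containment test, and a containment test that compares path components rather than string prefixes. Grants are compared after resolution too, so a grant cannot be widened by pointing a symlink at it.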
Claude Code v2.1.126 introduces gateway model listing, project purge functionality, improved OAuth authentication for WSL/SSH/containers, and numerous bug fixes. Key improvements include permission bypass options, better shell detection on Windows, security fixes for managed settings, and stability enhancements for streaming, image handling, and remote sessions. The release also refines telemetry events, fixes UI issues, and resolves edge cases in tool availability and clipboard handling.