Security

OpenClaw v2026.2.22 release adds Mistral provider support with memory embeddings and voice, introduces auto-updater functionality with dry-run preview, and expands channel integrations with native Synology Chat support. The release includes significant improvements to memory search with multilingual stop-word filtering (Spanish, Portuguese, Japanese, Korean, Arabic), enhanced Slack threading and media handling, and numerous bug fixes across Discord voice, Docker setup, webchat performance, and browser extension relay stability.

OpenClaw v2026.2.23 release adds first-class Kilo Gateway and Moonshot provider support, introduces prompt caching documentation and per-agent parameter overrides, and hardens session maintenance with disk-budget controls and security headers. The release includes numerous fixes for browser SSRF policies, Telegram polling/reactions, context overflow detection, and agent reasoning/compaction behavior.

OpenClaw v2026.2.24-beta.1 release introduces enhanced auto-reply/abort shortcuts with multilingual support, Android native onboarding with new tab-based navigation, and provider-agnostic Talk configuration. The update includes critical security and routing fixes for cross-channel session isolation, heartbeat delivery improvements, and extensive channel-specific reliability enhancements across Discord, WhatsApp, Matrix, and Telegram.

OpenClaw v2026.2.24 release introduces enhanced auto-reply/abort shortcuts with multilingual support, improved Android UX with native onboarding, and critical security hardening including multi-user trust model detection and Docker namespace restrictions. The release includes breaking changes to heartbeat delivery targeting and sandbox security, along with extensive fixes for routing isolation, channel-specific message delivery, Discord voice reliability, and cross-platform messaging stability.

OpenClaw v2026.2.25-beta.1 release includes improvements to Android chat streaming and startup performance, UI enhancements for mobile compose actions, and a major refactor of heartbeat configuration policy. The release addresses numerous critical fixes across Telegram, Slack, Discord, and LINE channels, including subagent delivery state machine improvements, webhook handling, session threading, media routing, and typing indicator management.

OpenClaw v2026.2.25 release includes improvements to Android chat streaming and startup performance, UI enhancements for mobile compose actions, and a breaking change to heartbeat direct message delivery policy (now `allow` by default). The release contains numerous bug fixes across Telegram, Slack, Discord, LINE channels, agent routing, cron scheduling, and model fallback logic.

OpenClaw v2026.2.26 introduces major features including External Secrets Management with a complete workflow, ACP/Thread-bound agents as first-class runtimes, new agent routing CLI commands for account-scoped management, and Android device capabilities. The release also includes numerous fixes for Telegram DM allowlist inheritance, delivery queue recovery, typing indicators across channels, and various platform-specific lifecycle and authentication improvements.

OpenClaw v2026.3.2-beta.1 introduces major features including expanded SecretRef support across 64 targets, native PDF analysis tools, enhanced outbound adapters with multi-media support, and improved Telegram streaming with DM-specific optimizations. The release includes breaking changes to onboarding defaults, ACP dispatch behavior, and plugin SDK HTTP handler registration, alongside numerous fixes for plugin command validation, Telegram token handling, and group system prompts.

OpenClaw v2026.3.2 introduces major features including expanded SecretRef support across 64 targets, native PDF analysis tools, enhanced outbound adapters with multi-media support, and improved session attachments. The release includes several breaking changes around default tool profiles, ACP dispatch enablement, and plugin SDK HTTP handler registration, along with numerous fixes for Telegram, Discord, Feishu, and other channel integrations.

Pomerium introduces an Agentic Access Gateway, an open-source feature that extends their zero-trust identity proxy to secure AI agents with fine-grained, context-aware authorization. The solution provides centralized policy enforcement, just-in-time credentials, and audit trails for AI agents accessing internal apps and APIs, treating agents as first-class identities rather than relying on static OAuth scopes.

Claude Code v2.1.69 release adds the `/claude-api` skill for API development, expands voice STT support to 10 new languages (20 total), and introduces numerous UX improvements including effort level display, numeric keypad support, and custom session naming for remote control. The release includes significant bug fixes addressing security issues, memory leaks, plugin trust dialogs, OAuth keychain corruption, and various UI/terminal interaction problems.

Claude Code v2.1.70 release fixes multiple critical issues including API 400 errors with third-party gateways, model response problems after ToolSearch, clipboard corruption on Windows, and voice mode failures. The update also improves performance with 74% fewer prompt re-renders, adds VS Code session management in the activity bar, and introduces native MCP server management through the `/mcp` command.