OpenClaw v2026.2.25: The Critical Security & Stability Update You Need
Hey everyone,
After the recent malware scare from ClawHub that I flagged a while back, I know security has been top-of-mind for all of us. I've been digging through the full v2026.2.25 release notes, and I'm not exaggerating when I say this is one of the most important updates for our community in a long time. This isn't a feature-heavy release. It's a hardening release. And it directly addresses many of the stability and security fears we've been talking about right here in this group.
Here's the breakdown of what matters to us as builders.
The Big One: Massive Security Overhaul
This release ships with nearly 20 critical security patches. This isn't routine maintenance. It's a direct response to the kinds of vulnerabilities that keep us up at night. Many of these were reported by community security researchers like @tdjackey and @bmendonca3.
Why it matters to you: Remember the malware that spread through a popular skill? This update hardens the system against exactly that kind of attack. It blocks multiple pathways for remote code execution, session hijacking, and data leakage. Specifically, they've plugged holes in gateway WebSocket authentication (preventing brute-force and session takeover), hardened the file system against malicious symlinks and hardlinks (a common escape vector), blocked unauthorized event injections through chat platform reactions on Discord, Slack, Signal, and Telegram, and fixed an OAuth PKCE verifier exposure in the macOS beta onboarding flow.
If you're running OpenClaw for clients or handling any sensitive data, this update is non-negotiable.
Stability Fixes That Address Our Biggest Headaches
Beyond security, this update tackles some of the most common and frustrating issues we've all faced in this community.
Runaway Agents & Costs: Several fixes target the agent delivery and cron systems. The subagent completion dispatch has been refactored into a proper state machine, and there's a new duplicate-send guard for cron jobs. This should help prevent the kind of orphaned processes and duplicate sends that have led to those terrifying, unexpected API bills. If you've experienced what Christo Roberts described with his $100+/day spike, these fixes are directly relevant.
Agent Resilience: There are three separate improvements to the model fallback chains. Your agent will now be much better at recovering when a primary model is rate-limited or goes down, instead of just failing or looping. This also means fewer instances of the agent "losing its thread" mid-task, a pain point many of us have hit.
Channel-Specific Bugs: Major fixes for Telegram webhook hangs and dropped updates, Slack session threads getting bricked by oversized parent sessions, Discord typing indicators getting stuck, and case-insensitive channel ID matching for Slack allowlists. If you're running bots on any of these platforms, you'll notice the difference.
The (Minor) Breaking Change
There's only one breaking change, and it's a simple config toggle. The heartbeat DM delivery, which was blocked by default in v2026.2.24, is now set back to `allow`. If you liked it blocked, just add this one line to your config:
`agents.defaults.heartbeat.directPolicy: "block"`
That's it. Takes 10 seconds.
Is It Worth Upgrading?
Yes. Immediately.
If you're running an OpenClaw instance for anything beyond casual experimentation, treat this as a mandatory update. The security patches alone justify it. The stability improvements that target real-world pain points like cost overruns and agent flakiness are the bonus.
This update won't give you a bunch of new toys to play with, but it will give you a much stronger, safer, and more reliable foundation to build on. And right now, that's exactly what our community needs most.
Full release notes for the deep divers: https://github.com/openclaw/openclaw/releases/tag/v2026.2.25
Discussion question: What's the biggest stability or security issue you're hoping this update solves for your setup? Drop your thoughts below.
Keith Motte