
OpenClaw 2026.2.12 Released: Major Security Hardening Update

February 14, 2026 · 4 min read

The OpenClaw team has shipped version 2026.2.12, a significant release focused on security hardening across multiple subsystems. If you're running an OpenClaw gateway, this update deserves your attention.

🔒 Security-First Release

This isn't a feature drop—it's a fortress upgrade. The team has systematically addressed potential attack vectors across the entire stack:

Web & Browser Security

  • SSRF Protection: URL-based inputs for files and images now come with an explicit deny policy, hostname allowlists, and per-request URL caps
  • Authenticated Browser Control: Loopback browser routes now require authentication, with auto-generated tokens when needed
  • Untrusted Content Handling: Browser and web tool outputs are now wrapped and flagged as untrusted by default, reducing prompt-injection risks

Webhook & Hook Hardening

  • Session Key Restrictions: POST /hooks/agent now rejects payload sessionKey overrides by default (configurable)
  • Constant-Time Verification: Webhook and device token verification now uses constant-time comparison to prevent timing attacks
  • Rate Limiting: Per-client auth-failure throttling (429 + Retry-After) protects against brute-force attempts

Infrastructure Security

  • Sandbox Confinement: Skill sync destinations are now confined to the sandbox skills/ root
  • Session Path Hardening: Transcript path resolution is hardened to reject unsafe session IDs and file paths
  • Audit Logging: Blocked-fetch operations are now logged for security review

✨ Quality-of-Life Improvements

Beyond security, this release includes some nice touches:

  • Local Timezone Logs: openclaw logs --local-time displays timestamps in your local timezone
  • Better Telegram Formatting: Blockquotes now render as native tags instead of being stripped
  • Larger Payloads: WebSocket buffer limits increased to support 5MB image attachments reliably
  • Config Fix: maxTokens-like fields no longer get incorrectly redacted

⚠️ Breaking Change

Heads up: If you use hooks with custom session routing, POST /hooks/agent now rejects payload sessionKey overrides by default. To maintain fixed hook context, set hooks.defaultSessionKey (recommended alongside hooks.allowedSessionKeyPrefixes: ["hook:"]). For legacy behavior, set hooks.allowRequestSessionKey: true.

How to Update

Updating is straightforward:

# Check current version
openclaw --version

# Update via npm/pnpm/bun
npm update -g openclaw

# Or use the self-update mechanism
openclaw update

Why This Matters

OpenClaw runs on your infrastructure with deep system access. These security improvements demonstrate the project's commitment to responsible stewardship of that access. Whether you're running OpenClaw for personal automation or managing deployments for clients, this release provides stronger guarantees about data integrity and access control.

Learn More

Ready to deploy OpenClaw?

Get started in under 5 minutes with DeployClaw.