OpenClaw v2026.5.26-beta.1 Release Summary

Key Changes

Performance & Gateway Optimizations

OpenClaw v2026.5.26-beta.1 introduces a series of deep architectural optimizations to reduce latency and resource consumption:

• Faster Startup and Replies: The Gateway now avoids repeated filesystem scans for plugins, channels, and sessions during startup. Reply delivery has been optimized by separating user-facing sends from slower follow-up work and caching plugin metadata snapshots to avoid rediscovery on hot paths.
• Memory & Session Management: To prevent Out-of-Memory (OOM) crashes on large session stores, openclaw doctor now uses read-only loads that skip unnecessary cloning. Additionally, session write lock acquisition now independently enforces maxHoldMs (default 5 minutes), preventing gateway freezes when large session files cause slow writes.
• Resource Isolation: Local memory embeddings are now isolated in a worker process by default. This ensures that native node-llama-cpp teardown failures—particularly on Apple Silicon—do not crash the entire Gateway process.

Voice & Talk Mode Enhancements

Realtime voice capabilities have been significantly expanded, particularly for mobile users:

• iOS Realtime Talk: A new direct path using gateway-issued client sessions replaces the previous relay method. The UI has been updated with a compact toolbar tray, responsive voice waveforms, and clear indicators for the active voice mode (e.g., GPT Realtime 2.0 vs. ElevenLabs).
• Voice SDK Integration: Shared realtime turn-context tracking and output activity tracking are now exposed via the SDK, improving speaker attribution in Discord and barge-in detection for Google Meet.
• Wake-Name Handling: Wake-name matching is now more tolerant of fuzzy transcripts (e.g., "Open Club" for "OpenClaw") while remaining gated against ambient speech.

Channel & Integration Updates

Several production-ready improvements have been made to core messaging channels:

• Telegram: Now preserves inbound text formatting (bold, italic, code) as Markdown for agent prompts. It also supports forum topic names in agent context and treats targeted bot commands (e.g., /command@BotName) as explicit mentions to satisfy requireMention gates.
• iMessage: Now supports thumb approval reactions (👍/👎) for exec and plugin requests. It also includes a new opt-in history seeding feature via channels.imessage.dmHistoryLimit to provide context for fresh DM sessions.
• WhatsApp: Thumb approval reactions are now supported, replacing the previous numeric system. Additionally, the extension now correctly honors OPENCLAW_HOME for media paths, fixing silent failures in Docker deployments.
• Discord: Improved voice playback and a new alpha-bucket model picker for providers with more than 25 models to avoid pagination fatigue.

Agent & Security Hardening

• Codex App-Server: Native Codex threads now have their built-in personality disabled (personality: "none") to ensure OpenClaw workspace instructions remain authoritative. Turn timeouts are now kept strictly within the Codex runtime boundary to prevent poisoning shared app-server clients.
• ReDoS Protection: The createAgentToAgentPolicy wildcard matcher was replaced with a linear-time glob matcher to prevent Regular Expression Denial of Service (ReDoS) attacks.
• Safe Regex: Plugin modelPatterns are now guarded with compileSafeRegex to reject unsafe patterns that could cause catastrophic backtracking.

Impact

Fixed Issues

• Stability: Fixed a critical crash on macOS where transient ENETDOWN errors during outbound connects caused the Gateway to exit and be parked by launchd.
• iMessage Duplication: Fixed a bug where multiple iMessage accounts sharing the same local source caused duplicate inbound processing and replies.
• Slack Privacy: Fixed a leak where download-file results were accidentally included in auto-reply media, potentially re-uploading private attachments.
• Windows CLI: Resolved stack overflow crashes on Windows by implementing a CLI respawn with increased --stack-size.
• Config Validation: Fixed a crash-loop where the runtime mergeScopedSearchConfig injected legacy shapes that the validator subsequently rejected.

Observability

New observability tools have been added to make failures easier to inspect:

• Activity Tab: An ephemeral tab in the Control UI for sanitized live tool activity summaries.
• OpenTelemetry: Added LLM content spans to capture prompt history, system instructions, and tool definitions when diagnostics.otel.captureContent is enabled.
• Diagnostics: Added traces for gateway secret preparation and alertable telemetry for blocked tools and stale sessions.

Upgrade Guide

Breaking Changes & Migration

• iMessage Approval Auth: If channels.imessage.allowFrom is non-empty, the /approve text command is now authorized strictly against that list rather than the broader DM allowlist. Ensure all authorized approvers are listed in allowFrom.
• iMessage Account Deduplication: If you have both a default and a named account targeting the same local Messages source, only the named account will now start a watcher. Inbound messages will be tagged with the named account's ID. Use openclaw doctor to identify redundant accounts and re-point your bindings if necessary.
• WhatsApp Approvals: Numeric/keycap reaction shortcuts are no longer accepted for new approval prompts; users must use 👍 or 👎.