OpenClaw 2026.2.22 dropped on February 23rd, and it's a meaty one. This release brings a new AI provider, a new messaging channel, serious multilingual memory improvements, a major browser extension overhaul, and what might be the most comprehensive security patch the project has shipped so far. Here's what's new.
Mistral is Now Supported
The headline feature this release is full Mistral provider support, contributed by community member Vincent Koc. You can now route your OpenClaw agent through Mistral models, including memory embeddings and voice. If you've been wanting to try Mistral as an alternative to Claude or GPT, it's now a first-class option. Just add "mistral" to your memorySearch.provider config and you're good to go.
Synology Chat Gets a Native Plugin
If you run a Synology NAS at home or in your office, you can now connect OpenClaw directly to Synology Chat. The new native channel plugin supports webhook ingress, direct-message routing, outbound send and media support, per-account config, and DM policy controls. It's a solid addition for homelabbers who already live in the Synology ecosystem.
Multilingual Memory Just Got a Lot Better
This release makes OpenClaw's full-text search memory significantly smarter for non-English speakers. The team added proper stop-word filtering and query expansion for Spanish, Portuguese, Japanese, Korean, and Arabic. Japanese support even handles mixed-script terms like ASCII combined with katakana. If you use OpenClaw in any of these languages and have noticed memory search feeling a bit off, this update should make a real difference.
The Auto-Updater is Here (Opt-In)
OpenClaw now has a built-in auto-updater via update.auto.*, though it's off by default. If you want to enable it, you can choose between a stable rollout with a delay and jitter, or an hourly beta cadence. There's also a new openclaw update --dry-run command that lets you preview exactly what an update would do before committing to it, without touching your config, installing anything, or restarting the gateway. A welcome addition for anyone who wants a bit more control over when updates land.
Browser Extension Reliability Overhaul
The Chrome extension relay got a significant rework in this release. It now preserves debugger attachments across relay drops, auto-reconnects with bounded backoff and jitter, and recovers from navigation detaches more gracefully. State is persisted and rehydrated via Chrome's session storage, so the extension no longer loses track of attached tabs when things get disrupted. If you've hit issues with the browser integration feeling flaky, this update addresses a lot of the underlying causes.
Cron Improvements
Scheduled jobs got a round of meaningful fixes. Cron now properly honors maxConcurrentRuns so parallel jobs can actually run in parallel instead of always going one at a time. Manual cron.run calls now execute outside the cron lock, which keeps cron.list and cron.status responsive even when a long job is running. Isolated cron runs now always get fresh session IDs, and the scheduler's timing logic was corrected so every jobs resume from the right cadence after a restart instead of drifting.
Security: A Major Sweep
This release has one of the most thorough security changelogs the project has seen. A few highlights worth knowing about:
Credential leakage fix. The openclaw config get command now redacts sensitive values before printing to your terminal, so API keys and tokens no longer show up in your shell history.
Voice call hardening. The media stream WebSocket now has strict pre-auth timeouts and per-IP connection limits to protect against idle-connection denial of service.
Exec environment lockdown. Several bypass vectors around shell environment variables (like SHELLOPTS, HOME, and ZDOTDIR) have been blocked. These could previously have been used to sneak commands past the approval system.
Group policy defaults tightened. The gateway now fails closed when group policy config is missing, defaulting to allowlist mode across all supported channels rather than inheriting a permissive fallback.
SSRF protections expanded. The IP range blocklist now covers additional RFC special-use ranges, and IPv6 dotted-quad transition literals are properly normalized and blocked.
Symlink traversal blocked across the Control UI, avatar serving, archive extraction, and media sandbox paths.
Several of these fixes are tagged as shipping in the next npm patch release, so if you're on a managed host like ClawHosted, they'll roll out automatically.
Slack Threading Finally Works Properly
Slack users will be happy with this one. A persistent set of threading issues have been resolved: parent-session forking now stays active beyond the first turn, replyToMode is correctly respected, and extension replies stay in the correct thread instead of occasionally leaking to the main channel. File uploads to DMs also work properly now after a fix for how user IDs get resolved before calling the upload API.
Webchat Performance
The built-in webchat interface got a performance pass. Final assistant messages now render immediately without waiting for a full history refresh, and the history only reloads when actually needed. If you use the web UI regularly, responses should feel noticeably more responsive.
iOS Talk Mode Gets Smoother
The iOS voice experience got a small but noticeable improvement: TTS segments are now prefetched, and expected speech-cancellation errors are suppressed. The result is smoother playback in Talk Mode with fewer interruptions.
Other Changes Worth Noting
A few smaller things that are still worth knowing about: the bundled food-order skill has been removed from the core repo and moved to ClawHub. Log files now have a configurable size cap (defaulting to 500MB) to prevent disk exhaustion during error storms. MiniMax M2.5 pricing was corrected after inflated cost reporting. And for terminal users, multiline paste on macOS now coalesces properly instead of submitting line by line.
How to Update
If you're running OpenClaw locally:
npm install -g openclaw@latest
openclaw doctor
openclaw gateway restartIf you're on ClawHosted, you can update with one click from your dashboard.
Links
Skip the manual updates. On ClawHosted, security patches and new releases are applied automatically so you're always running the latest version without lifting a finger.
