OpenClaw just shipped v2026.5.27, and it's a significant overhaul for security and reliability. The team has locked down multiple attack surfaces while making Codex app-server runs more consistent. If you're running OpenClaw, this update demands attention.
Security got a major boost. Group prompt text is now kept out of the system prompt, preventing accidental injection. Repeated-dot hostnames are normalized to avoid ambiguity. Side-effecting command wrappers? Blocked. Unsafe Node runtime environment overrides? Also blocked. Tailscale exposure without authentication is now rejected outright. And node or device-role approvals now require admin authority – no more self-service escalations. These changes come courtesy of contributors @eleqtrizit and @pgondhi987, spanning issues #87144, #87305, #87292, #87308, and #87146.
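To make the hostname item concrete, here is an added illustration (not OpenClaw's code and not taken from the release) of why names with repeated or trailing dots are normalized before a policy check. The blocklist, the function names and the collapse-the-dots rule are assumptions made for the example.

```javascript
// Added example, not OpenClaw code. Function names and the policy are hypothetical.

// Constructed sample policy: hosts that a tool must never reach.
const BLOCKED_HOSTS = new Set(["localhost", "metadata.internal"]);

// Assumed normalization: lowercase, then drop empty labels so that leading,
// trailing and repeated dots all collapse to one canonical spelling.
// Returns null when no label is left (for example "" or "...").
function normalizeHostname(raw) {
  if (typeof raw !== "string") return null;
  const labels = raw.trim().toLowerCase().split(".").filter((l) => l !== "");
  return labels.length === 0 ? null : labels.join(".");
}

// Naive check: compares the raw string, so "localhost." is a different key.
function naiveIsBlocked(host) {
  return BLOCKED_HOSTS.has(String(host).toLowerCase());
}

// Hardened check: normalize first, fail closed on unusable input, and also
// match subdomains of a blocked name.
function isBlocked(host) {
  const name = normalizeHostname(host);
  if (name === null) return true;
  for (const blocked of BLOCKED_HOSTS) {
    if (name === blocked || name.endsWith("." + blocked)) return true;
  }
  return false;
}

// Return the spellings on which the two checks disagree.
function findDisagreements(hosts) {
  return hosts.filter((h) => naiveIsBlocked(h) !== isBlocked(h));
}

// Constructed sample input.
const samples = ["localhost", "LOCALHOST.", "localhost..", "metadata..internal",
                 "api.example.com", "api..example.com.", "..."];
console.log(findDisagreements(samples));
```

Every entry printed is a spelling that the raw string comparison lets through while the normalized check blocks it, which is the ambiguity normalization removes.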
On the Codex front, the app-server runtime is more reliable. The update ensures Codex runtime models resolve first, and workspace memory handling is improved. It's a subtle but critical fix for anyone relying on Codex for complex workflows.
This isn't just a routine patch. The security changes close real loopholes – the kind that could let attackers hijack prompts or escalate privileges. Admin-only approvals for nodes and devices? That's a sensible tightening for multi-user deployments. The Codex fix, while less flashy, directly impacts stability. I've seen too many AI pipelines fail due to runtime model resolution issues; this update should reduce those headaches. Overall, v2026.5.27 is a confidence boost for production environments. Don't skip it.
Official Source: https://github.com/openclaw/openclaw/releases/tag/v2026.5.27