OpenClaw v2026.4.10

OpenClaw shipped version 2026.4.10 on April 11 with a new memory system, local Mac voice processing, and tighter network safeguards for self-hosted agents. (github.com) OpenClaw is a self-hosted gateway that lets one assistant run across chat apps including WhatsApp, Slack, Telegram, Signal, Microsoft Teams, Matrix, Discord, and WebChat from a single machine or server. The project’s docs say it is aimed at developers and power users who want to keep control of data and routing on their own hardware. (docs.openclaw.ai) The 2026.4.10 release added an optional “Active Memory” plugin that runs a dedicated memory sub-agent before the main reply. OpenClaw’s changelog says it can pull preferences, past details, and other context automatically instead of waiting for a user to type “remember this” or “search memory.” (github.com, docs.openclaw.ai) In plain terms, that memory layer works like a briefing note prepared before a meeting instead of a file cabinet searched only after someone asks. OpenClaw’s memory docs say the plugin can be configured separately from the main memory search settings and can run in different context modes for interactive sessions. (docs.openclaw.ai, docs.openclaw.ai) The release also added local MLX speech support for Talk Mode on macOS. OpenClaw’s Talk Mode docs describe a continuous loop that listens for speech, sends the transcript to the model, waits for a response, and speaks the answer back. (github.com, docs.openclaw.ai) MLX is Apple’s machine learning framework for Apple silicon, so “local MLX” means voice work can run on the Mac instead of sending every step to a paid cloud service. That gives OpenClaw operators an on-device option for speech in a product that already pitches itself as self-hosted and hardware-controlled. (github.com, docs.openclaw.ai) Security changes were a second theme in 2026.4.10. OpenClaw’s release notes and tool docs show stricter server-side request forgery checks, including redirect validation that blocks requests from being bounced toward private or internal network targets. (github.com, docs.openclaw.ai) That matters in OpenClaw’s setup because the software can fetch web pages, move files, call tools, and connect to outside services from a machine the user controls. The project’s security guide says the supported model is one trusted operator boundary per gateway, not a shared system for mutually untrusted users. (docs.openclaw.ai, docs.openclaw.ai) The same release bundled a Codex provider so `codex/gpt-*` models use Codex-managed authentication, native threads, model discovery, and compaction, while `openai/gpt-*` stays on the standard OpenAI path. The package also included an `exec-policy` command and a wider batch of browser, sandbox, and startup hardening changes. (github.com) OpenClaw moved quickly after that April 11 release. GitHub shows version 2026.4.11 and a 2026.4.12 beta within days, with follow-up fixes for memory recall behavior and other runtime issues, including a reported macOS Chrome startup bug in 2026.4.10. (github.com, github.com) Version 2026.4.10 reads like a release for people running agents on their own machines: get the right context before answering, keep more voice work on-device, and narrow what the software can reach over the network. That is the core trade in self-hosted assistants, and OpenClaw spent this release tightening all three parts. (github.com, docs.openclaw.ai)