OpenClaw March 2026 release notes: v4.0 through v4.2
By Linas Valiukas · April 13, 2026
March 2026 was the busiest month in OpenClaw's history. A complete architecture rewrite. A skills marketplace. An agent communication protocol. Nine CVEs. Multiple breaking changes. If you self-host, this is everything you need to know about what shipped and what broke.
v4.0 - "The Agent OS" (February 20)
Technically a late February release, but the migration headaches defined March for most self-hosters. v4.0 was a ground-up rewrite of how OpenClaw works internally.
What changed:
- Gateway daemon - Replaced the old monolithic process with a separate gateway that handles all external connections (messaging platforms, browser extensions, paired devices). This is the component that produces the "disconnected (4008)" error when things go wrong.
- Canvas system - New UI framework for the web dashboard. Richer interactions, but also more memory-hungry.
- 15+ messaging platforms - Beyond the original 5 (WhatsApp, Telegram, Discord, Slack, iMessage), v4.0 added support for WeChat, Line, Signal, Matrix, and others.
- Built-in cron scheduling - Previously required a separate plugin. Now native.
- New plugin architecture - Old plugins don't work. They need to be rewritten for the new API.
Breaking changes: Config files changed format. Docker compose files needed updates. Environment variable names changed. Most third-party plugins stopped working. Migration wasn't automatic - you had to read the changelog and manually update your setup. Multiple users reported 3-7 hours of migration work.
v4.1 - ClawHub marketplace (March 15)
The official skills marketplace. One-click install for community-built plugins. Over 13,000 skills listed within the first week.
- ClawHub skills marketplace - Browse and install skills from the web UI. Search across 6 registries.
- Claude Code as ACP harness - Anthropic's Claude Code can now act as an Agent Communication Protocol harness, letting Claude-powered agents interact with OpenClaw.
- Enhanced memory - Semantic search across conversation history via Soul.md. The agent can recall context from weeks-old conversations.
The catch: ClawHub's rapid growth brought security problems. Researchers found up to 1,184 malicious skills including crypto stealers, prompt injection payloads, and data exfiltration tools. The vetting process couldn't keep up with submissions.
Security patches: 9 CVEs (March 18-21)
This was the week that made a lot of self-hosters reconsider their choices. Nine CVEs disclosed in four days, including:
- CVE-2026-22172 (CVSS 9.9) - WebSocket shared-auth scope escalation. Attackers with a valid shared token could self-declare admin scopes. The server trusted client-declared scopes without validation.
- RCE via allowlist bypass - Sandbox escape that let malicious skills execute arbitrary code on the host.
- Brute-forceable WebSocket auth - No rate limiting on connection attempts.
Patches were spread across versions 2026.2.19 through 2026.3.12. You need at least v2026.3.12 to be patched against all nine. Full details in our CVE breakdown.
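The two handshake flaws above (client-declared scopes trusted as-is, and no limit on connection attempts) can be shown in a short added sketch. This is not OpenClaw's code: the token table, scope names, function names and message shape are all hypothetical and constructed for illustration.

```javascript
// Added illustration. Every name here is hypothetical, not OpenClaw's API.
// Server-side record of what each shared token may do (constructed sample data;
// keyed by the raw token only for brevity).
const TOKEN_GRANTS = new Map([
  ["tok-device-7f3a", new Set(["chat:read", "chat:write"])],
  ["tok-operator-91c2", new Set(["chat:read", "chat:write", "admin"])],
]);

// Flawed pattern: any valid token receives whatever scopes the client declares.
function authorizeTrustingClient(hello) {
  if (!TOKEN_GRANTS.has(hello.token)) return { ok: false, scopes: [] };
  return { ok: true, scopes: hello.scopes };
}

// Hardened pattern: the server's grant table is the authority. A handshake that
// asks for anything outside the token's grant is refused outright.
function authorizeServerSide(hello) {
  const granted = TOKEN_GRANTS.get(hello.token);
  if (!granted) return { ok: false, scopes: [], reason: "bad-token" };
  const requested = Array.isArray(hello.scopes) ? hello.scopes : [];
  const excess = requested.filter((s) => !granted.has(s));
  if (excess.length > 0) return { ok: false, scopes: [], reason: "scope-not-granted" };
  return { ok: true, scopes: requested };
}

// Sliding-window limiter on failed handshakes per source address.
function makeFailureLimiter(maxFailures, windowMs) {
  const failures = new Map(); // source -> timestamps of recent failures
  return {
    blocked(source, now) {
      const recent = (failures.get(source) || []).filter((t) => now - t < windowMs);
      failures.set(source, recent);
      return recent.length >= maxFailures;
    },
    recordFailure(source, now) {
      const recent = failures.get(source) || [];
      recent.push(now);
      failures.set(source, recent);
    },
  };
}

// Handshake gate combining both checks; `now` is passed in so it can be tested.
function handleHello(limiter, source, hello, now) {
  if (limiter.blocked(source, now)) return { ok: false, scopes: [], reason: "rate-limited" };
  const result = authorizeServerSide(hello);
  if (!result.ok) limiter.recordFailure(source, now);
  return result;
}
```

When reviewing a gateway of your own, the thing to look for is any code path where the scope list reaching an authorization check originates from the client message rather than from a server-held grant.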
v4.2 - Agent Communication Protocol (March 28)
The latest major release. ACP lets OpenClaw agents talk to each other.
- Agent Communication Protocol (ACP) - Inter-agent messaging. One agent can delegate tasks to another, share context, and coordinate workflows.
- Thread-bound persistent sessions - Conversations maintain state across restarts. No more losing context when the container restarts.
- Sub-agent spawning - Label-based targeting lets a parent agent spin up child agents for specific tasks.
- session_status tool - Track token usage, session duration, and cost per conversation.
Breaking changes: The ACP protocol requires a new gateway configuration block. Existing multi-agent setups need to be migrated to the new protocol.
The upgrade math
If you self-host and you're on anything older than v4.2, here's what upgrading looks like:
- Read the changelog for every version between yours and v4.2
- Back up your data and config files
- Pull the new Docker image
- Update your docker-compose.yml and .env for the new config format
- Rebuild or replace any third-party plugins that broke in v4.0
- Test that all your messaging integrations still work
- Debug whatever broke (expect 1-3 hours of this)
If you're still on a pre-4.0 version, the migration is significant. Multiple users reported full days of work.
Or skip the treadmill
With TryOpenClaw.ai, every one of these releases was applied automatically. Security patches landed same-day. Breaking changes were tested before rollout. You didn't have to read a single changelog, pull a Docker image, or debug a config migration. That's the point of managed hosting - you use the agent, we deal with the infrastructure.
Software engineer and founder of TryOpenClaw.ai. Been writing code since age 14.