On February 25, 2026, Nous Research released Hermes Agent v0.1.0. Forty-two days later, on April 8, the project had been updated to v0.8.0, involving a total of 8 major version releases, hundreds of pull requests, and contributions from 242 contributors.

Meanwhile, the OpenClaw project on GitHub, which had received 346,000 stars, exposed 138 security vulnerabilities within 63 days, of which 41% were classified as severe or high-risk, including a zero-click remote code execution vulnerability with a CVSS score of 8.8, CVE-2026-25253.

According to Shodan scan data, in February, over 42,000 OpenClaw instances were exposed to the public internet, and 63% of them did not have gateway authentication enabled, highlighting the critical flaws in the default security configurations of current mainstream proxy architectures.