Apple Emergency Update Fixes iOS Notification Bug That Exposed Deleted Messages
Apple has released emergency patches for CVE-2026-28950, a Notification Services flaw in iOS and iPadOS that caused deleted message alerts to persist in system storage, potentially exposing sensitive content to forensic recovery.
Apple has issued an emergency update to fix a Notification Services flaw that caused deleted alerts to remain stored on devices, potentially exposing sensitive message content. Tracked as CVE-2026-28950, the issue has been resolved in iOS 26.4.2 and iPadOS 26.4.2, with patches also released for older supported versions of Apple operating systems.
The company said the bug stemmed from a logging issue that allowed notifications marked for deletion to persist. Apple added that improved data redaction addresses the problem, but did not confirm whether the flaw had been exploited or how long retained data could remain accessible.
The update follows reporting that forensic investigators recovered deleted Signal messages from an iPhone by accessing stored notification data rather than the app itself. According to 404 Media, message content remained available even after the app was removed because notifications had been cached in system storage. Although Apple did not reference the case directly, its advisory reflects similar behavior. The company has not explained why notification content was retained or when the issue was introduced.
Signal welcomed the fix. "We're grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue," the company said in an X post on Wednesday. "It takes an ecosystem to preserve the fundamental human right to private communication."
The vulnerability impacts a broad range of iPhones and iPads, including iPhone 11 and later devices. Apple has also backported fixes to iOS 18.7.8 and iPadOS 18.7.8. Users can reduce risk by setting notification previews to "Name Only" or disabling message content, installing the latest OS updates promptly, and reviewing notification settings for sensitive apps.
The Electronic Frontier Foundation has warned that notifications may expose metadata or unencrypted content depending on implementation. Apple's update highlights how system-level features can introduce privacy risks, even when applications use encryption. This incident underscores the importance of ecosystem-wide privacy protections, as even end-to-end encrypted apps like Signal can be undermined by operating system notification caching.