iOS Vulnerability - Apple Fixes Deleted Notifications Issue

What Happened

Apple has released an important update for iOS and iPadOS to address a serious vulnerability identified as CVE-2026-28950. This flaw was found in the Notification Services, which improperly stored notifications even after users deleted them. This oversight meant that sensitive data, including messages from encrypted apps like Signal, could potentially be recovered.

The Flaw

The issue stemmed from how iOS managed notification data. When a message was sent to a user via Signal, it would be pushed to the device and temporarily stored by Apple's notification system. Even if the user deleted the message from Signal, remnants of that notification could remain in the device's database, making it accessible through forensic methods.

Who's Affected

What Data Was Exposed

The vulnerability primarily affected incoming messages. While outgoing messages do not leave a trace in the notification system, incoming messages could be retrieved even after the app was deleted. This could lead to sensitive information being exposed, especially in legal contexts, as highlighted by recent FBI investigations.

What You Should Do

Apple has released updates (iOS 26.4.2 and iPadOS 26.4.2) that address this vulnerability. Users are strongly encouraged to install these updates immediately. After installing the patch, any previously stored notifications will be deleted, and future notifications from deleted applications will not be retained. Signal has confirmed that no user action is required beyond updating their devices.

Conclusion

This incident highlights a crucial aspect of mobile privacy: the assumption that deleting messages from apps like Signal guarantees their complete removal. Users must remain vigilant and ensure their devices are updated to protect against such vulnerabilities. Apple’s quick response to this flaw is a positive step towards enhancing user privacy and security.