Apple has released security updates to address a flaw in iOS and iPadOS that caused deleted notifications to remain stored on devices longer than intended, potentially exposing sensitive information.
The vulnerability, tracked as CVE-2026-28950, affected how the operating system handled notification data after users dismissed alerts. Instead of being fully removed, some notifications were retained within the system’s internal database. This meant that fragments of information, including message previews and app-generated alerts, could persist even after users believed they had been deleted.
The issue drew attention after reports suggested that forensic tools could extract this retained data from affected devices. In certain cases, investigators were reportedly able to recover message content from encrypted messaging apps such as Signal by accessing notification records, even when the original messages were no longer available within the app itself. This raised concerns about how operating system-level data handling could undermine expectations of privacy, particularly for users relying on secure messaging platforms.
Apple addressed the flaw in updates released on April 22, 2026, including iOS 26.4.2 and iPadOS 26.4.2, as well as patches for older supported versions such as iOS 18.7.8. The company stated that the fix improves how notification data is managed and ensures that deleted alerts are properly cleared from device storage.
While Apple did not disclose detailed technical specifics, the update appears to focus on strengthening data redaction and deletion processes within the notification system. This aligns with broader efforts across the industry to ensure that user actions, such as deleting content, are accurately reflected at the system level.
The incident highlights a recurring issue in mobile security, where data remnants can persist in unexpected locations even after deletion. Such residual data can become accessible through specialized tools, creating potential risks for privacy and security.
Users are advised to install the latest updates as soon as possible to ensure that the vulnerability is fully mitigated.