Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device, potentially allowing forensic tools to recover sensitive message data.
Tracked as CVE-2026-28950, the vulnerability is a logging issue that has been addressed with improved data redaction. Apple’s advisory states: “Notifications marked for deletion could be unexpectedly retained on the device.”
Forensic recovery tools, including those used by law enforcement agencies such as the FBI, could exploit this to recover deleted notifications from secure messaging apps like Signal — exposing message content users believed had been permanently removed.
Affected Devices
Fixed in iOS 26.4.2 and iPadOS 26.4.2, affecting:
- iPhone 11 and later (all models)
- iPhone XR, XS, XS Max
- iPhone SE (2nd and 3rd generation)
- iPhone 12 through 16 series, iPhone 16e
- iPad Pro (3rd gen and later), iPad Air (3rd gen and later)
- iPad (8th gen and later), iPad mini (5th gen and later)
The vulnerability highlights a growing vector for forensic data recovery from iOS devices — notification data that users reasonably expect to be deleted but remains accessible on the filesystem.