APPLE has released a software update to fix a bug that could allow deleted notifications to be retrieved, with at least one reported case involving law enforcement during forensic analysis, according to Apple. The fix covers iOS and iPadOS versions 18.7.8 and 26.4.2, and addresses a single security vulnerability tracked as CVE-2026-28950, described as a logging issue addressed with improved data redaction.
The update suggests that notifications marked for deletion could be unexpectedly retained on the device, with copies of notification content stored in an internal database longer than intended even after messages disappeared or an app was uninstalled. A report from 404 Media noted that law enforcement was able to recover those notifications using standard forensic tools once they had access to an unlocked device, with Signal mentioned in that example.
A response on X by Signal references the FBI’s forensic extraction of copies of incoming Signal messages from a defendant’s iPhone after the app was deleted, due to content saved in the device’s push notification database. Users are advised to install the update via Settings > General > Software Update, and to enable Automatic Updates where possible.