Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)
Security Patch Release
Summary
Hide ▲
Show ▼
Apple released out-of-band security updates for iPhone and iPad on April 22, 2026 to fix CVE-2026-28950. The patch addresses a Notification Services flaw that could leave deleted notifications stored on the device, creating a privacy risk. Apple said the issue was fixed through improved data redaction. The company did not say whether the flaw was exploited in attacks.
Related Happenings
AirDrop and Quick Share fixes from Apple and Google
Security Patch Release
H score27
First: 30.06.2026 12:27
Last: 30.06.2026 12:27
Sources 1
About this happening:
**Apple** and **Google** have started shipping fixes for the disclosed **AirDrop** and **Quick Share** flaws, reducing exposure for nearby attacks against widely used sharing feat...
AirDrop and Quick Share fixes from Apple and Google
Security Patch ReleaseAbout this happening: **Apple** and **Google** have started shipping fixes for the disclosed **AirDrop** and **Quick Share** flaws, reducing exposure for nearby attacks against widely used sharing feat...
Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)
Security Patch Release
H score33
First: 30.06.2026 10:15
Last: 30.06.2026 10:15
Sources 1
About this happening:
**Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...
Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)
Security Patch ReleaseAbout this happening: **Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...
Apple security patch release for CVE-2025-20701
Security Patch Release
H score29
First: 18.06.2026 15:23
Last: 18.06.2026 15:23
Sources 1
About this happening:
Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....
Apple security patch release for CVE-2025-20701
Security Patch ReleaseAbout this happening: Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....
Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair
Security Tool/Service
H score10
First: 09.06.2026 00:03
Last: 09.06.2026 00:03
Sources 1
About this happening:
**Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...
Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair
Security Tool/ServiceAbout this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...
Microsoft security patch release for CVE-2026-41089
Security Patch Release
H score43
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Microsoft security patch release for CVE-2026-41089
Security Patch ReleaseAbout this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Timeline
-
23.04.2026 11:50 1 articles · 2mo ago
Apple security patch release for CVE-2026-28950
Initial DisclosureApple issued **iOS 26.4.2**, **iPadOS 26.4.2**, **iOS 18.7.8**, and **iPadOS 18.7.8** on **2026-04-23** to close **CVE-2026-28950**, which could preserve deleted-message notifications on affected devices.
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
-
22.04.2026 23:58 2 articles · 2mo ago
Apple releases CVE-2026-28950 iPhone and iPad fixes
Mitigation Patch UpdateApple released out-of-band security updates for iPhone and iPad on April 22, 2026 to fix CVE-2026-28950 in Notification Services, where notifications marked for deletion could remain stored on the device; Apple said the flaw was fixed through improved data redaction and did not say whether it was exploited in attacks. Additional reporting described Signal messages recovered from a suspect's iPhone through Apple's internal notification storage, where incoming notifications were preserved after Signal was removed.
Show sources
- Apple fixes iOS bug that retained deleted notification data — www.bleepingcomputer.com — 22.04.2026 23:58
- Apple Fixes iOS Notification Bug Exposing Deleted Messages — www.infosecurity-magazine.com — 23.04.2026 16:00