iOS notification logging flaw enabling recovery of deleted Signal chat previews patched by Apple

First reported

23.04.2026 11:50

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Apple released iOS/iPadOS updates (26.4.2, 18.7.8) to remediate CVE-2026-28950, a logging issue that retained deleted message previews in system cache despite user deletion and application uninstallation. The flaw allowed forensic recovery of Signal chat previews via cached notifications, affecting iPhone and iPad models from iPhone XR through iPhone 16 series and iPad mini (5th gen) to iPad Pro 13-inch (M4). Apple did not disclose exploitation status but subsequent reporting indicated the flaw was exploited by law enforcement in the Prairieland case to extract deleted Signal messages. Apple’s update improves data redaction to prevent notification previews from persisting after deletion or uninstallation.

Timeline

23.04.2026 11:50 1 articles · 2h ago

Apple patches iOS logging flaw CVE-2026-28950 enabling recovery of deleted Signal chat previews
Apple released iOS 26.4.2, iPadOS 26.4.2, iOS 18.7.8, and iPadOS 18.7.8 to address CVE-2026-28950, a logging issue that retained deleted message notifications in system cache. The update improves data redaction to prevent notification previews from persisting after deletion or app uninstallation, thereby mitigating forensic recovery of previews from apps such as Signal.
Show sources

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
Open in new tab

Information Snippets

CVE-2026-28950 is a logging issue in iOS/iPadOS that caused deleted message notifications to be retained in system cache even after deletion and uninstallation of the originating app.
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
Apple resolved the issue in iOS 26.4.2, iPadOS 26.4.2, iOS 18.7.8, and iPadOS 18.7.8 by improving data redaction to prevent cached notification retention.
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
The flaw enabled forensic recovery of Signal chat previews from cached notifications on iPhones, despite messages being configured to disappear and the Signal app being uninstalled.
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
Reported exploitation involved law enforcement retrieving deleted Signal messages from an iPhone belonging to an alleged Antifa member in the Prairieland case using forensic tools to scrape cached notifications.
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
Signal confirmed no user action is required post-patch; the fix automatically removes inadvertently preserved notifications and prevents future preservation of notifications for deleted apps.
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50
Affected devices include iPhone XR, XS, 11, 12, 13, 14, 15, 16 series, iPad mini (5th gen), iPad Air (3rd gen+), and iPad Pro 11-inch and 13-inch (all generations including M4).
First reported: 23.04.2026 11:50

1 source, 1 article
Show sources
- Apple Patches iOS Flaw Allowing Recovery of Deleted Chats — www.securityweek.com — 23.04.2026 11:50

Summary

Timeline

Apple patches iOS logging flaw CVE-2026-28950 enabling recovery of deleted Signal chat previews

Information Snippets