Apple has released iOS 26.4.2 and iPadOS 26.4.2 to address a security vulnerability that could allow deleted Signal message previews to be retained on devices, even after the app was uninstalled. The update, made available on April 22, 2026, resolves an issue within the Notification Services framework where certain logging data was not properly redacted, potentially exposing sensitive information.
According to Apple’s official security advisory, the flaw was identified as CVE-2026-28950 and involved a logging issue that failed to adequately purge notification data associated with deleted apps. This meant that under specific conditions — such as when Signal messages were configured to appear on the Lock Screen and the app was later deleted — message content could remain accessible in the device’s internal notification database.
The vulnerability came to light following recent court testimony in which law enforcement officials demonstrated the ability to extract Signal message previews from an iPhone involved in a legal case, despite the user having deleted the Signal app and enabled disappearing messages. Apple confirmed it became aware of the issue after this testimony and worked swiftly to develop a patch.
In its statement, Apple emphasized that it does not disclose, discuss, or confirm security issues until investigations are complete and patches are ready for release. The company advises all users running iOS 26, iPadOS 26, iOS 18, or iPadOS 18 to update to the latest versions to mitigate potential risks associated with the flaw.
The update is available for iPhone 11 and later models, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (8th generation and later), and iPad mini (5th generation and later). Apple noted that the fix improves data redaction within the notification logging system to prevent unintended retention of transient data.
Security researchers have highlighted that while Signal itself provides end-to-end encryption, the manner in which iOS handles notifications — particularly when previews are enabled — can create auxiliary data points that may be exploited if system-level protections fail. This incident underscores the importance of timely operating system updates as a critical layer of defense against forensic data extraction techniques.
Apple’s Product Security team continues to monitor for emerging threats and encourages users to enable automatic updates to ensure they receive patches as soon as they become available. The company also directs users to its official security releases page for detailed information on past and current updates.
As of the release date, no evidence suggests widespread exploitation of the vulnerability outside of the specific legal context in which it was identified. Nevertheless, the prompt deployment of iOS 26.4.2 reflects Apple’s ongoing commitment to addressing potential privacy risks, particularly those involving third-party messaging applications.
Users seeking to verify their device’s current software version can navigate to Settings > General > Software Update. Apple recommends backing up data before installing any system update, although the iOS 26.4.2 release is designed to be non-disruptive to user data and settings.
Moving forward, Apple has not announced any additional updates specifically related to this issue, but the company maintains a regular cadence of security patches throughout the year. The next scheduled security release information will be posted on the Apple Security Releases page as it becomes available.
For individuals concerned about message privacy, experts suggest reviewing notification settings within individual apps and disabling Lock Screen previews for sensitive conversations as an added precaution. However, the primary safeguard remains keeping device software up to date.
World Today Journal will continue to monitor developments related to mobile security and privacy protections. Readers are invited to share their experiences with iOS updates or questions about device security in the comments section below.
Stay informed, stay updated, and help others do the same by sharing this article with friends and family who leverage Apple devices.