For HomeFor BusinessFor Partners
Industry News Mobile Security
3 min read

Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones and iPads

Filip TRUȚĂ
Filip TRUȚĂ

May 14, 2026

Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones and iPads

Got an older iPhone or iPad? Check your software version.

Apple rolled out updates across its entire product lineup this week, delivering a long list of security fixes. One important patch fixes a serious flaw that allowed “deleted” notification data, such as message previews from encrypted apps like Signal, to persist on iPhones and later be recovered.

Key takeaways

  • Apple has extended a fix for the “persisting notifications” flaw to older iPhones and iPads, including devices as old as the iPhone 6s.
  • The bug could allow deleted notification previews — including fragments of Signal messages — to remain stored on a device.
  • The issue, tracked as CVE-2026-28950, was addressed with improved data redaction.
  • Apple released security updates across iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.
  • Users are strongly advised to install the latest updates as soon as possible.

The security flaw, patched in iOS 26.4.2 last month, drew attention after reports that the FBI was able to forensically extract deleted Signal messages from a suspect’s device — not by breaking encryption, but by accessing the iPhone’s notification database.

As we noted previously, notification previews can include portions of message content so they effectively create a secondary record of conversations. This record can persist even after the messages are deleted or the Signal app is uninstalled.

While iOS 26.4.2 addressed the issue on newer device models, older Apple hardware had yet to receive the same fix. Recognizing the importance of the patch, the tech giant from Cupertino is now making the security update available for devices dating back to the iPhone 6s.

‘Notifications marked for deletion’

Tracked as CVE-2026-28950, the vulnerability is a Notification Services issue where “notifications marked for deletion could be unexpectedly retained on the device.”

Apple addressed this logging issue “with improved data redaction,” according to this week’s bulletin.

Which devices got the patch?

  • iOS 15.8.8 and iPadOS 15.8.8 address the issue on iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).
  • iOS 16.7.16 and iPadOS 16.7.16 fix the bug on iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
  • iPadOS 17.7.11, mends the issue on iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation.

iOS 15 and iOS 16 are among the oldest iOS versions that Apple still supported with security updates, while iPadOS 17 remains a separate branch maintained for specific iPad models that weren’t upgraded further.

Update today!

As we regularly warn, even if you’re not a high-risk individual, it’s wise to stay current with the latest security patches — you never know when you might become a target.

To update your iDevice:

  • Go to Settings
  • Tap General
  • Tap Software Update. The currently installed version of iOS is shown, and you’ll see whether an update is available.
  • If an update is available, tap Download and Install, then follow the onscreen instructions.

Security updates across the board

In addition to these timely updates, Apple this week patched dozens more security flaws across the rest of its product ecosystem. Here’s the full list of updates released this week:

  • iOS 26.5 and iPadOS 26.5 – for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
  • iOS 18.7.9 and iPadOS 18.7.9 – for iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation
  • iPadOS 17.7.11 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
  • iOS 16.7.16 and iPadOS 16.7.16 – for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
  • iOS 15.8.8 and iPadOS 15.8.8 – for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
  • macOS Tahoe 26.5 – for Macs running macOS Tahoe
  • macOS Sequoia 15.7.7 – for Macs running macOS Sequoia
  • macOS Sonoma 14.8.7 – for Macs running macOS Sonoma
  • tvOS 26.5 – for Apple TV HD and Apple TV 4K (all models)
  • watchOS 26.5 – for Apple Watch Series 6 and later
  • visionOS 26.5 for Apple Vision Pro (all models)

Visit the Apple security releases support page to see the advisories for each individual update and learn which vulnerabilities they address.

For additional peace of mind, consider running an independent security solution on all your personal devices. Keep the trusty Lockdown Mode toggle handy if you believe hackers might target you.

You may also want to read:

iOS Flaw Exposes ‘Deleted’ Message Data Through Notifications – Patch Now! (iOS 26.4.2 and iOS 18.7.8)

Safer Messaging for Kids: How to Set Up a Parent-Managed WhatsApp Account for Your Child

Why Don’t You Use a Mobile Security App? We Ask Netizens

tags

Industry News Mobile Security

Author

Filip TRUȚĂ

Filip TRUȚĂ

Filip has 17 years of experience in technology journalism. In recent years, he has focused on cybersecurity in his role as a Security Analyst at Bitdefender.

View all posts

You might also like

Bookmarks

loader