Key Highlights

• Apple released iOS 26.4.2 with a security patch for a notification logging issue affecting deleted messages.
• The bug allowed deleted chat alerts to remain stored in the notification database on older versions.
• The vulnerability was reportedly used to extract deleted Signal notifications during forensic analysis.
• Installing the update removes preserved notifications and prevents future retention of deleted alerts.

Apple has released iOS 26.4.2, a security-focused update that fixes a vulnerability allowing deleted chat notifications to remain stored on iPhones. The issue affected devices running iOS 26.4.1 or earlier and could allow forensic access to notification data even after messages were removed.

The patch also arrives alongside iPadOS 26.4.2 and applies to multiple supported iPhone and iPad models. Apple says the update improves notification data handling and strengthens system-level privacy protections.

What issue does iOS 26.4.2 fix?

The iOS 26.4.2 update addresses a flaw in Notification Services tracked as CVE-2026-28950. According to Apple, some deleted notifications were unexpectedly retained inside the device’s notification database.

In simple terms, alerts linked to removed conversations could still exist in system logs. That meant message previews remained accessible even after users deleted chats from apps.

Apple confirmed the issue resulted from a logging weakness and said it resolved the problem through improved data redaction mechanisms.

As a result, the update prevents older notifications from lingering inside system storage after deletion.

Why were deleted Signal messages reportedly recoverable?

Earlier reports suggested that investigators were able to extract deleted Signal message notifications from an iPhone during forensic analysis. The recovery reportedly relied on stored notification entries rather than access to the messages themselves inside the app.

This distinction matters. The vulnerability did not break Signal encryption. Instead, it exposed notification previews saved locally by the operating system.

Because notification previews sometimes include message text, the stored records created an indirect visibility gap.

With the new patch, Apple removes those preserved alerts and blocks similar retention going forward.

Which devices support the update?

Apple says the patch is available for iPhone 11 and newer models. It also supports multiple iPad generations, including recent iPad Pro, iPad Air, iPad mini, and standard iPad variants.

On one tested device, the update package measured about 771.8MB. However, file size may vary depending on device and region.

Apple’s release notes describe the update as containing bug fixes and security improvements rather than new features.

Do users need to take action after installing the update?

Signal confirmed that users only need to install the update to resolve the issue. Once the patch is applied, previously preserved notifications linked to deleted apps or chats are removed automatically.

The company also clarified that future deleted notifications will no longer remain stored in the system database after installation.

That means the vulnerability closes immediately after upgrading.

Why the iOS 26.4.2 update matters now

Security-focused updates often arrive quietly, but iOS 26.4.2 addresses a rare case where deleted notifications could still exist in system-level storage. By fixing this logging behavior, Apple strengthens how iPhones handle sensitive notification previews and improves protection against forensic extraction scenarios.

Users running earlier versions should install the update to ensure their devices no longer retain deleted notification data.