Apple has released iOS/iPadOS 26.4.2 and iOS/iPadOS 18.7.8 to address a single vulnerability, CVE-2026-28950, a logging issue that allowed notifications marked for deletion to be retained on devices. Although Apple did not confirm exploitation, reports suggest the FBI used this flaw to extract Signal messages from a seized device in a criminal case, highlighting the vulnerability's potential impact. The patch improves data redaction to mitigate the issue. Whether CVE-2026-28950 has been exploited determines the urgency of the patch, and that status is still under active discussion. The vulnerability is significant because it may have been used to bypass encryption, emphasizing the need for timely updates [1]. That a law enforcement agency may have exploited it underscores the importance of applying the patch to prevent similar incidents.
Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
⚡ High Priority
Why This Matters
CVE-2026-28950 is under active discussion involving the FBI; exploitation status determines whether this is patch-now or monitor.
References
- [1] SANS Internet Storm. (2026, April 23). Apple Patches Exploited Notification Flaw. *SANS Internet Storm*. https://isc.sans.edu/diary/rss/32922
Original Source
SANS Internet Storm