Apple patched a notification database vulnerability in recent iOS updates that allowed the FBI to access deleted Signal messages. During a federal case, investigators retrieved messages from defendants' iPhones even after they deleted Signal, revealing a flaw in how notification data was stored.

The iOS 26.4.2, iPadOS 26.4.2, iOS 18.7.8, and iPadOS 18.7.8 updates specifically addressed the logging issue with improved data redaction. The vulnerability allowed forensic tools to extract notification previews from the iPhone's internal memory, even when the Signal app had been removed from the device.

The case involved defendants charged with property damage and assault who had deleted Signal from their iPhones. When the FBI examined the devices using forensic tools, they found message previews stored in the notification database. Apple quickly patched the issue after it was reported by 404 Media, highlighting that even secure systems can have vulnerabilities.