CVE-2026-28950

Summary

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 15.8.8 and iPadOS 15.8.8, iOS 16.7.16 and iPadOS 16.7.16, iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2, iPadOS 17.7.11. Notifications marked for deletion could be unexpectedly retained on the device.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 15.8.8affected
AppleiOS and iPadOS0 < 16.7.16affected
AppleiOS and iPadOS0 < 18.7.8affected
AppleiOS and iPadOS0 < 26.4.2affected
AppleiPadOS0 < 17.7.11affected

Weaknesses

  • Notifications marked for deletion could be unexpectedly retained on the device

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References