Threat Intelligence / CVE / CVE-2026-28950

CVE-2026-28950

CVSS 6.2 (MEDIUM) · EPSS 0.0% · Published 2026-04-22

A logging issue was addressed with improved data redaction. Notifications marked for deletion could be unexpectedly retained.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-359

Threats tracking this CVE

Apple iOS/iPadOS Notification Services Data Retention Zero-Day (CVE-2026-28950) — Exploited In-The-Wild for Forensic Extraction of Signal Messages — HIGH

References

Full detection coverage & IOCs for threats exploiting CVE-2026-28950 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence