CVE-2026-28950

CVE Database · CVE-2026-28950

CVE-2026-28950

· MEDIUMModified

CVSS v3.1

6.2

EPSS

2.88%

Published

Apr 22, 2026

Modified

May 17, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 15.8.8 and iPadOS 15.8.8, iOS 16.7.16 and iPadOS 16.7.16, iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2, iPadOS 17.7.11. Notifications marked for deletion could be unexpectedly retained on the device.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-359

Affected Products (4)

apple · ipados (up to 18.7.8)vulnerable

apple · ipados (up to 26.4.2)vulnerable

apple · iphone_os (up to 18.7.8)vulnerable

apple · iphone_os (up to 26.4.2)vulnerable

References (10)

https://support.apple.com/en-us/127002

Release NotesVendor Advisory