Preface: To be or not to be! Fixing this “bug” makes it easier for criminals to destroy evidence. However, leaving it unpatched leaves billions of innocent users vulnerable to forensic data theft if their phones are ever lost or stolen.
Background: Internally, iOS manages notifications through a system service called bulletinboard. The actual data is typically stored in a SQLite database file named deliverednotifications[.]sqlite, located in a protected system directory (usually /private/var/mobile/Library/BulletinBoard/).
The Freelist Mechanism: When iOS deletes a notification, SQLite does not immediately erase the data from the hard drive; instead, it marks the block as “Freelist.”
Fundamental Problem: The original binary data still exists in these blocks before they are overwritten by new data.
• Forensic Principle: Forensic tools can scan these unallocated spaces and directly extract the message content.
Vulnerability details: A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly retained on the device.
Official announcement: Please refer to the link for details –