Apple releases: iOS 26.4.2 + iOS 18.7.8 (notifications database fix)
Apple’s April 22 releases (iOS 26.4.2 and iOS 18.7.8) are a reminder that platform ‘bugfix’ updates can have direct privacy implications. In this case, it appears to close a hole where deleted notifications could persist in the on-device notification database.
Original post (source): Apple Developer - “Releases” (April 22, 2026)
The headline
Apple shipped iOS 26.4.2 / iPadOS 26.4.2 (plus iOS 18.7.8 / iPadOS 18.7.8) and, in the broader conversation this week, the most interesting part is what it implies: notification storage is part of your privacy surface.
What happened (in plain terms)
- Apple’s releases page shows the April 22 drops, and links to release notes for the 26.4.2 updates.
- Coverage around the release points to a bug where notifications marked for deletion could remain in a local notification database, making them potentially recoverable with forensic tooling.
This is not a “growth hack” topic, but it is absolutely a trust + support topic.
Why this matters for app teams
- Support load: if users believe “deleted means deleted” and it doesn’t, your privacy messaging and support scripts can get awkward fast.
- Secure messaging + sensitive apps: if your app surfaces sensitive content via push, you are now in the blast radius of OS-level notification handling, backups, and lock-screen settings.
- Lifecycle messaging risk: the more content you put into a push preview, the more you have to be comfortable with it being visible (and potentially retained) outside your app.
Tiny win
Pick your top 3 notification templates and rewrite them with the question: “If this shows up on a lock screen, or gets retained longer than expected, is it still okay?”
If not, shorten the copy and push the “real content” behind an in-app deep link.
Read the original (canonical): https://developer.apple.com/news/releases/
Want help with ASO?
If you want this implemented for your app, check out our services - or run your workflow in APPlyzer.