starred/ntfy
1
0
Fork 0
mirror of https://github.com/binwiederhier/ntfy.git synced 2026-05-09 16:35:53 +02:00
Code Issues 368 Projects Packages Wiki Activity

[GH-ISSUE #1370] Getting random "goege test" notifications on iOS unexpectedly #969

New issue
Closed
opened 2026-05-07 00:29:12 +02:00 by BreizhHardware · 14 comments
BreizhHardware commented 2026-05-07 00:29:12 +02:00
Owner
Copy link

Originally created by @plia7 on GitHub (Jun 17, 2025).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1370

🐞 Describe the bug
I'm getting sometimes unexpected notification from Ntfy with the title "goege" in bold and the body of "test", although I didn't trigger such message. This happens every few days or hours, it appears to be happening at random times but pretty consistent with the same notification header/body.

But most parts other intended notifications are pretty consistent and delivered quickly and expectedly but getting this strange notification in recent times made me concerned there might be some security compromise or something is not right. Hopefully someone could shed some light if it's a bug or some potential security concern.

💻 Components impacted

iOS Ntfy app version 1.3
ntfy_2.5.0_linux_armv7 (self hosted but using upstream-base-url: "https://ntfy.sh")

💡 Screenshots and/or logs

image

Thank you.

Originally created by @plia7 on GitHub (Jun 17, 2025). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1370 :lady_beetle: **Describe the bug** I'm getting sometimes unexpected notification from Ntfy with the title "goege" in bold and the body of "test", although I didn't trigger such message. This happens every few days or hours, it appears to be happening at random times but pretty consistent with the same notification header/body. But most parts other intended notifications are pretty consistent and delivered quickly and expectedly but getting this strange notification in recent times made me concerned there might be some security compromise or something is not right. Hopefully someone could shed some light if it's a bug or some potential security concern. :computer: **Components impacted** <!-- ntfy server, Android app, iOS app, web app --> iOS Ntfy app version 1.3 ntfy_2.5.0_linux_armv7 (self hosted but using upstream-base-url: "https://ntfy.sh") :bulb: **Screenshots and/or logs** <!-- If applicable, add screenshots or share logs help explain your problem.--> ![image](https://github.com/user-attachments/assets/92192066-8773-4185-98a3-55e328ac1bf9) Thank you.
BreizhHardware 2026-05-07 00:29:12 +02:00
  • closed this issue
  • added the
    🪲 bug
         label
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jun 17, 2025):

If you're self-hosting, then it seems like someone is sending that to your self-hosted server on a topic you're subscribed to. Do you have ntfy access controls in place?

<!-- gh-comment-id:2978947423 --> @wunter8 commented on GitHub (Jun 17, 2025): If you're self-hosting, then it seems like someone is sending that to your self-hosted server on a topic you're subscribed to. Do you have ntfy access controls in place?
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jun 17, 2025):

If you're self-hosting, then it seems like someone is sending that to your self-hosted server on a topic you're subscribed to. Do you have ntfy access controls in place?

How do I check? I didn't open any router ports, so how can someone access to it?

<!-- gh-comment-id:2980765512 --> @plia7 commented on GitHub (Jun 17, 2025): > If you're self-hosting, then it seems like someone is sending that to your self-hosted server on a topic you're subscribed to. Do you have ntfy access controls in place? How do I check? I didn't open any router ports, so how can someone access to it?
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jun 17, 2025):

If everything is just running on your local network and you didn't expose your ntfy server to the Internet (e.g., using Cloudflare tunnels, Pangolin, ngrok, opening ports on your router, etc.), then this would be exceedingly weird

<!-- gh-comment-id:2980838150 --> @wunter8 commented on GitHub (Jun 17, 2025): If everything is just running on your local network and you didn't expose your ntfy server to the Internet (e.g., using Cloudflare tunnels, Pangolin, ngrok, opening ports on your router, etc.), then this would be exceedingly weird
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jun 17, 2025):

If everything is just running on your local network and you didn't expose your ntfy server to the Internet (e.g., using Cloudflare tunnels, Pangolin, ngrok, opening ports on your router, etc.), then this would be exceedingly weird

Is there a way to enable logs somehow to see where the notification is coming from? @wunter8 The only way to access it from an external network is through a mesh vpn called Tailscale

<!-- gh-comment-id:2981028383 --> @plia7 commented on GitHub (Jun 17, 2025): > If everything is just running on your local network and you didn't expose your ntfy server to the Internet (e.g., using Cloudflare tunnels, Pangolin, ngrok, opening ports on your router, etc.), then this would be exceedingly weird Is there a way to enable logs somehow to see where the notification is coming from? @wunter8 The only way to access it from an external network is through a mesh vpn called Tailscale
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jun 17, 2025):

Are you sure the messages are being sent to a topic on your server? Is it possible you subscribed to a topic on the public ntfy.sh instance?

<!-- gh-comment-id:2981137829 --> @wunter8 commented on GitHub (Jun 17, 2025): Are you sure the messages are being sent to a topic on your server? Is it possible you subscribed to a topic on the public ntfy.sh instance?
BreizhHardware commented 2026-05-07 00:29:13 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jun 17, 2025):

Are you sure the messages are being sent to a topic on your server? Is it possible you subscribed to a topic on the public ntfy.sh instance?

It's possible, how can I check what am I subscribed too?

<!-- gh-comment-id:2981646372 --> @plia7 commented on GitHub (Jun 17, 2025): > Are you sure the messages are being sent to a topic on your server? Is it possible you subscribed to a topic on the public ntfy.sh instance? It's possible, how can I check what am I subscribed too?
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jun 17, 2025):

If you open the ntfy app, you should see a list of topics you're subscribed to

<!-- gh-comment-id:2981690625 --> @wunter8 commented on GitHub (Jun 17, 2025): If you open the ntfy app, you should see a list of topics you're subscribed to
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jun 17, 2025):

If you open the ntfy app, you should see a list of topics you're subscribed to

Only the local one is showing.
Interestingly when I click on it, I don't see the mentioned notification there. I went through the last month of notifications.

So how can I get this notification outside of this topic? Could this be related to the public upstream base url that I'm using?

<!-- gh-comment-id:2981810204 --> @plia7 commented on GitHub (Jun 17, 2025): > If you open the ntfy app, you should see a list of topics you're subscribed to Only the local one is showing. Interestingly when I click on it, I don't see the mentioned notification there. I went through the last month of notifications. So how can I get this notification outside of this topic? Could this be related to the public upstream base url that I'm using?
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jun 17, 2025):

upstream-base-url: https://ntfy.sh is required to get instantaneous notifications from your self-hosted server using the native iOS app. However, message contents are never sent through that upstream server.

If the notification isn't showing up in the list of notifications inside the app, you might have two ntfy apps installed (like the native app and the PWA)? Or maybe you subscribed to a topic on the public ntfy.sh instance and it's getting notifications through a service worker? I'm not sure. I haven't heard of anyone having a problem like this before.

The next time the notification pops up, I'd click on it and see where it takes you. (I recognize that sounds a bit dangerous. My hope is that it will open up whatever ntfy server/app/topic is sending those messages so we can get a better idea of what's going on. I'm not sure how else we can diagnose it right now)

<!-- gh-comment-id:2982029542 --> @wunter8 commented on GitHub (Jun 17, 2025): `upstream-base-url: https://ntfy.sh` is required to get instantaneous notifications from your self-hosted server using the native iOS app. However, message contents are never sent through that upstream server. If the notification isn't showing up in the list of notifications inside the app, you might have two ntfy apps installed (like the native app and the PWA)? Or maybe you subscribed to a topic on the public ntfy.sh instance and it's getting notifications through a service worker? I'm not sure. I haven't heard of anyone having a problem like this before. The next time the notification pops up, I'd click on it and see where it takes you. (I recognize that sounds a bit dangerous. My hope is that it will open up whatever ntfy server/app/topic is sending those messages so we can get a better idea of what's going on. I'm not sure how else we can diagnose it right now)
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jun 18, 2025):

upstream-base-url: https://ntfy.sh is required to get instantaneous notifications from your self-hosted server using the native iOS app. However, message contents are never sent through that upstream server.

If the notification isn't showing up in the list of notifications inside the app, you might have two ntfy apps installed (like the native app and the PWA)? Or maybe you subscribed to a topic on the public ntfy.sh instance and it's getting notifications through a service worker? I'm not sure. I haven't heard of anyone having a problem like this before.

The next time the notification pops up, I'd click on it and see where it takes you. (I recognize that sounds a bit dangerous. My hope is that it will open up whatever ntfy server/app/topic is sending those messages so we can get a better idea of what's going on. I'm not sure how else we can diagnose it right now)

Ok, I'm only subscribed to one topic. I only have a single app instance installed. I'm not signed to a safari web based PWA notifications. Let me see when I get it next time and click on it, see where it takes me and report back, thanks.

<!-- gh-comment-id:2982267379 --> @plia7 commented on GitHub (Jun 18, 2025): > `upstream-base-url: https://ntfy.sh` is required to get instantaneous notifications from your self-hosted server using the native iOS app. However, message contents are never sent through that upstream server. > > If the notification isn't showing up in the list of notifications inside the app, you might have two ntfy apps installed (like the native app and the PWA)? Or maybe you subscribed to a topic on the public ntfy.sh instance and it's getting notifications through a service worker? I'm not sure. I haven't heard of anyone having a problem like this before. > > The next time the notification pops up, I'd click on it and see where it takes you. (I recognize that sounds a bit dangerous. My hope is that it will open up whatever ntfy server/app/topic is sending those messages so we can get a better idea of what's going on. I'm not sure how else we can diagnose it right now) Ok, I'm only subscribed to one topic. I only have a single app instance installed. I'm not signed to a safari web based PWA notifications. Let me see when I get it next time and click on it, see where it takes me and report back, thanks.
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jul 1, 2025):

Hi @wunter8 - Some interesting update on this issue - I was flying the other day and my phone was in flight mode (not connected to airline wifi or any internet connection and obviously no vpn connection). Suddenly I received the same notification:

image

I clicked on it. It took me to the ntfy app but didn't go inside the only topic that I'm subscribed to, just the main "Subscribed topics" screen. It also didn't add this notification to the only topic that I'm subscribed to.

What do you think this could tell us? A random bug in the app? Including @binwiederhier in case he has any idea too.

Thank you.

<!-- gh-comment-id:3024965861 --> @plia7 commented on GitHub (Jul 1, 2025): Hi @wunter8 - Some interesting update on this issue - I was flying the other day and my phone was in flight mode (not connected to airline wifi or any internet connection and obviously no vpn connection). Suddenly I received the same notification: ![image](https://github.com/user-attachments/assets/42c0fc42-5e55-48ac-b547-2c2c2a05758f) I clicked on it. It took me to the ntfy app but didn't go inside the only topic that I'm subscribed to, just the main "Subscribed topics" screen. It also didn't add this notification to the only topic that I'm subscribed to. What do you think this could tell us? A random bug in the app? Including @binwiederhier in case he has any idea too. Thank you.
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jul 3, 2025):

@wunter8 @binwiederhier Ok actually I found what's causing it. It's caused by some third party tweak that does a fake notification for ntfy. I enabled it accidentally and that's where it has this title and body text confirmed. I'm disabling it and closing this ticket.

Thank you.

<!-- gh-comment-id:3031639794 --> @plia7 commented on GitHub (Jul 3, 2025): @wunter8 @binwiederhier Ok actually I found what's causing it. It's caused by some third party tweak that does a fake notification for ntfy. I enabled it accidentally and that's where it has this title and body text confirmed. I'm disabling it and closing this ticket. Thank you.
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@wunter8 commented on GitHub (Jul 3, 2025):

I'm glad you figured it out and that it's not a problem with ntfy!

I'm curious what you mean by third party tweak, though. Are you saying there's a separate iOS app on your phone that lets you generate fake notifications that appear to be coming from another app?

I know Android can do that, but I'd be surprised if that's possible on iOS

<!-- gh-comment-id:3032446653 --> @wunter8 commented on GitHub (Jul 3, 2025): I'm glad you figured it out and that it's not a problem with ntfy! I'm curious what you mean by third party tweak, though. Are you saying there's a separate iOS app on your phone that lets you generate fake notifications that appear to be coming from another app? I know Android can do that, but I'd be surprised if that's possible on iOS
BreizhHardware commented 2026-05-07 00:29:14 +02:00
Author
Owner
Copy link

@plia7 commented on GitHub (Jul 3, 2025):

I'm glad you figured it out and that it's not a problem with ntfy!

I'm curious what you mean by third party tweak, though. Are you saying there's a separate iOS app on your phone that lets you generate fake notifications that appear to be coming from another app?

I know Android can do that, but I'd be surprised if that's possible on iOS

Yes, it's possible if you jailbreak your iOS.

<!-- gh-comment-id:3032854893 --> @plia7 commented on GitHub (Jul 3, 2025): > I'm glad you figured it out and that it's not a problem with ntfy! > > I'm curious what you mean by third party tweak, though. Are you saying there's a separate iOS app on your phone that lets you generate fake notifications that appear to be coming from another app? > > I know Android can do that, but I'd be surprised if that's possible on iOS Yes, it's possible if you jailbreak your iOS.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/npm_and_yarn/web/fast-uri-3.1.2
email-verification
attachment-no-http2
attachment-fixes
attachment-s3
config-generator
postgres-replica
dockers-v2
postgres-support
postgres-webpush+user+message
postgres-webpush+user
postgres-webpush
1364-copy-action
crashfix
user-header
scalar-api-docs
cancel-scheduled
update-available
windows-server
303-update-notifications
postgres
admin-ui
require-login
http-clipboard
message-cache-lock
debian-stripe
predefined-users
busy-timeout
template-dir
ipv6
client-ip-header
apns-fix
feat_optional_require_login
security-updates
pg-message-cache
templating-disallow
templating-3
templating-2
message-size-limit+delay-limit
remove-rate-topics
html-emails
cf-priority
acl-underscores
auth-user-header
markdown
img-attach
web-improvements
utf8-headers
matrix-507-reject
http-response-writer
new-homepage-design
e2e
canary
windows
electron
update-messages
webhook-templating
v2.22.0
v2.21.0
v2.20.1
v2.20.0
v2.19.2
v2.19.1
v2.19.0
v2.18.0
v2.17.0
v2.16.0
v2.15.0
v2.14.0
v2.13.0
v2.12.0
v2.11.0
v2.10.0
v2.9.0
v2.8.0
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.1
v2.0.0
v1.31.0
v1.30.1
v1.29.1
v1.29.0
v1.28.0
v1.27.2
v1.27.1
v1.26.0
v1.25.2
v1.25.1
v1.25.0
v1.24.0
v1.23.0
v1.22.0
v1.21.2
v1.21.1
v1.21.0
v1.20.0
v1.19.0
v1.18.1
v1.18.0
v1.17.1
v1.17.0
v1.16.0
v1.15.0
v1.14.1
v1.14.0
v1.13.0
v1.12.1
v1.12.0
v1.11.1
v1.11.2
v1.11.0
v1.10.0
v1.9.0
v1.8.0
v1.7.0
v1.6.1
v1.6.0
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.2
v1.3.3
v1.3.1
v1.3.0
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.0
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
ai-generated

   
android-app

   
android-app

   
android-app

   
🪲 bug

   
build

   
build

   
dependencies

   
docs

   
enhancement

   
enhancement

   
🔥 HOT

   
in-progress 🏃

   
ios

   
prio:low

   
prio:low

   
pull-request
Mirrored from GitHub Pull Request

  
question

   
🔒 security

   
server

   
server

   
unified-push

   
web-app

   
website
No labels
ai-generated
android-app
android-app
android-app
🪲 bug
build
build
dependencies
docs
enhancement
enhancement
🔥 HOT
in-progress 🏃
ios
prio:low
prio:low
pull-request
question
🔒 security
server
server
unified-push
web-app
website
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ntfy#969
No description provided.