Ever since launch, iOS 11 has had several public bugs and errors despite numerous minor updates to the mobile operating system. Yet another bug seems to have surfaced that could lead to privacy issues for users who have third-party messaging apps installed on their devices. The bug allows Siri to read out loud content from app notifications even if previews have been hidden by the user. Interestingly enough, the bug does not work for native apps like Messages, thus SMS messages and iMessage texts are safe.
First reported by Mac Magazine, the bug is seemingly present in all versions of iOS 11, including the latest beta version of iOS 11.3. To try it out for yourself, you can go into Settings > Notifications > select an app (preferably a messaging app) > Show Previews > and click on When Unlocked. Have someone send you a notification on the chosen app and ask Siri to "read my notifications". We tried it out ourselves, and found the bug does exist. On an iPhone 7 Plus running iOS 11.2.6, Siri read out WhatsApp and Slack messages despite the 'When Unlocked' setting.
This bug is of particular concern to iPhone X users as the smartphone is set to hide notification previews - which are shown on Face ID authentication - out-of-the-box. This means that if the bug is still applicable, potentially all notifications on the iPhone X can be read out without the owner's permission. Do note that Siri cannot distinguish between different voices, unlike what Amazon's Alexa virtual assistant does on Echo devices.