The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physical access may be able to view deleted notes.
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.