Firefox Vulnerability Allows Tor User Fingerprinting
Critical Vulnerability Discovered in Firefox
A recent discovery has revealed a critical vulnerability in Firefox that could allow threat actors to fingerprint users even in private browsing mode. This issue also affects the Tor anonymity browser, which is based on Firefox.
The Vulnerability Overview
The vulnerability, tracked as CVE-2026-6770, relates to the IndexedDB browser API, which is used for storing structured data on the client side. Firefox stores IndexedDB database names using internal UUID mappings, and when a website lists those databases, the order they come back in remains the same across different sites while the same browser process is running.
Fingerprinting Users Across Domains
This enables unrelated sites to independently observe the same ordering and use it to link a user’s activity across domains without any cookies or shared storage. The fingerprint persists across reloads and new private sessions until the browser is fully restarted.
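The following is an added example, not code from the article, Mozilla or the Tor Project: a simplified model of the behaviour described above, written as a check a browser or storage-layer developer could run against a listing function. It assumes a per-process secret decides each name's internal id (FNV-1a stands in for the UUID mapping), and it uses sorting by name as one way to remove the signal, which is an assumption and not a description of the actual patch.

```javascript
// Added illustration: a simplified model, NOT Firefox source code.
// Assumption: each running browser process has a secret that decides the
// internal id a database name maps to (standing in for the UUID mapping).

// FNV-1a, used only as a deterministic stand-in for that mapping.
function internalId(processSecret, name) {
  let h = 0x811c9dc5;
  for (const ch of processSecret + "\u0000" + name) {
    h = Math.imul(h ^ ch.codePointAt(0), 0x01000193);
  }
  return h >>> 0;
}

// Leaky listing: order follows the per-process internal ids.
function listLeaky(processSecret, names) {
  return [...names].sort(
    (a, b) => internalId(processSecret, a) - internalId(processSecret, b) || a.localeCompare(b)
  );
}

// Canonical listing: order depends only on the names themselves.
function listCanonical(_processSecret, names) {
  return [...names].sort();
}

// Count how many different orderings a listing function produces for the SAME
// names across many simulated processes. Anything above 1 means the order
// carries process-specific state that every origin can read.
function distinctOrderings(listFn, names, processSecrets) {
  const seen = new Set();
  for (const secret of processSecrets) seen.add(listFn(secret, names).join("|"));
  return seen.size;
}

// Constructed sample data (names and process labels are made up).
const NAMES = ["alpha-db", "bravo-db", "charlie-db", "delta-db", "echo-db", "foxtrot-db"];
const PROCESSES = Array.from({ length: 32 }, (_, i) => `process-${i}`);

// Two unrelated origins in the same process see the same order.
const siteA = listLeaky(PROCESSES[0], NAMES);
const siteB = listLeaky(PROCESSES[0], [...NAMES].reverse());
console.log("same process, two origins agree:", siteA.join("|") === siteB.join("|"));
console.log("leaky orderings over 32 processes:", distinctOrderings(listLeaky, NAMES, PROCESSES));
console.log("canonical orderings over 32 processes:", distinctOrderings(listCanonical, NAMES, PROCESSES));
```

A listing function passes the check when `distinctOrderings` returns 1: the order then reveals nothing about which browser process produced it.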
“This vulnerability highlights the importance of properly implementing client-side storage mechanisms to prevent session hijacking and user tracking,” said experts. “Similar vulnerabilities may exist in other browsers, and we recommend regularly updating software to ensure protection against emerging threats.”
Patching the Flaw
Mozilla patched the flaw with the release of Firefox 150 and assigned it a ‘medium severity’ rating. The Tor Project has also adopted the patch, rolling it out to users last week with the release of Tor Browser 15.0.10.
Increasing Complexity of Cyberattacks
The increase in complex cyberattacks and nation-state-sponsored activities has raised concerns about the ability of organizations to respond effectively to security incidents. Experts stress the importance of collaborative efforts between governments, industry leaders, and research institutions to share information and develop effective countermeasures against evolving threats.