Mozilla Patches Firefox Vulnerability Allowing Tor User Fingerprinting
Researchers have identified a vulnerability in Firefox that could allow threat actors to fingerprint users, even in Private Browsing mode. This issue also affects the Tor browser, which is based on Firefox. The vulnerability, tracked as CVE-2026-6770, involves the IndexedDB browser API, which stores structured data on the client side. Firefox uses internal UUID mappings for IndexedDB database names, and the order of these databases remains consistent across different sites while the same browser process is running. This consistency allows unrelated sites to link a user's activity across domains without cookies or shared storage. Mozilla has addressed this issue with the release of Firefox 150, assigning it a 'medium severity' rating. The Tor Project has also implemented the patch in its latest browser update. 
