Firefox Vulnerability Allows Tor User Fingerprinting
CVE-2026-6770 is a vulnerability in Firefox and the Tor Browser that allows user fingerprinting through the IndexedDB API. This flaw enables websites to observe a stable ordering of IndexedDB database names across different sites within the same browser process, which can be used to link user activity even in Private Browsing mode or when Tor's New Identity feature is used. The vulnerability was assigned a medium severity rating by Mozilla and has been patched in Firefox 150 and Tor 15. 0. 10. Exploitation does not require cookies or shared storage and persists until the browser is fully restarted.
AI Analysis
Technical Summary
The vulnerability CVE-2026-6770 affects Firefox and the Tor Browser by leaking a stable identifier via the IndexedDB API. Firefox stores IndexedDB database names with internal UUID mappings, and the order in which these databases are listed remains consistent across different sites during the same browser session. This consistency allows unrelated websites to link user sessions and fingerprint users despite Private Browsing mode or Tor's New Identity feature, which are designed to isolate user activity. Mozilla rated the issue as medium severity and patched it in Firefox 150. The Tor Project also incorporated the fix in Tor Browser 15.0.10.
Potential Impact
The vulnerability allows threat actors to fingerprint users in Firefox's Private Browsing mode and Tor Browser's New Identity sessions by linking activity across different sites without relying on cookies or shared storage. This undermines privacy protections intended to isolate browsing sessions and protect user anonymity. The fingerprint persists until the browser process is restarted. There are no known exploits in the wild reported at this time.
Mitigation Recommendations
This vulnerability has been officially patched by Mozilla and the Tor Project. Users should update to Firefox 150 or later and Tor Browser 15.0.10 or later to mitigate this issue. No additional user action is required beyond applying these updates. Patch status is confirmed by vendor advisories.
Firefox Vulnerability Allows Tor User Fingerprinting
Description
CVE-2026-6770 is a vulnerability in Firefox and the Tor Browser that allows user fingerprinting through the IndexedDB API. This flaw enables websites to observe a stable ordering of IndexedDB database names across different sites within the same browser process, which can be used to link user activity even in Private Browsing mode or when Tor's New Identity feature is used. The vulnerability was assigned a medium severity rating by Mozilla and has been patched in Firefox 150 and Tor 15. 0. 10. Exploitation does not require cookies or shared storage and persists until the browser is fully restarted.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2026-6770 affects Firefox and the Tor Browser by leaking a stable identifier via the IndexedDB API. Firefox stores IndexedDB database names with internal UUID mappings, and the order in which these databases are listed remains consistent across different sites during the same browser session. This consistency allows unrelated websites to link user sessions and fingerprint users despite Private Browsing mode or Tor's New Identity feature, which are designed to isolate user activity. Mozilla rated the issue as medium severity and patched it in Firefox 150. The Tor Project also incorporated the fix in Tor Browser 15.0.10.
Potential Impact
The vulnerability allows threat actors to fingerprint users in Firefox's Private Browsing mode and Tor Browser's New Identity sessions by linking activity across different sites without relying on cookies or shared storage. This undermines privacy protections intended to isolate browsing sessions and protect user anonymity. The fingerprint persists until the browser process is restarted. There are no known exploits in the wild reported at this time.
Mitigation Recommendations
This vulnerability has been officially patched by Mozilla and the Tor Project. Users should update to Firefox 150 or later and Tor Browser 15.0.10 or later to mitigate this issue. No additional user action is required beyond applying these updates. Patch status is confirmed by vendor advisories.
Technical Details
- Article Source
- {"url":"https://www.securityweek.com/firefox-vulnerability-allows-tor-user-fingerprinting/","fetched":true,"fetchedAt":"2026-04-27T08:45:04.983Z","wordCount":969}
Threat ID: 69ef2210ba26a39fba0e3f9d
Added to database: 4/27/2026, 8:45:04 AM
Last enriched: 4/27/2026, 8:45:11 AM
Last updated: 4/28/2026, 1:46:05 AM
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.