Firefox Vulnerability Allows Tor User Fingerprinting

“In Tor Browser, the stable identifier effectively defeats Tor Browser’s ‘New Identity’ isolation within a running browser process, allowing websites to link sessions that are expected to be fully isolated from one another,” the researchersexplained.Mozilla patched CVE-2026-6770 with the release of Firefox 150. The organization assigned the flaw a ‘medium severity’ rating anddescribedit only as “other issue in the Storage: IndexedDB component”.The Tor Project has also adopted the patch, rolling it out to users last week with the release ofTor Browser 15.0.10.Related:Chrome 144, Firefox 147 Patch High-Severity VulnerabilitiesRelated:GhostPoster Firefox Extensions Hide Malware in IconsRelated:New Firefox Protections Halve the Number of Trackable Users

Mozilla patched CVE-2026-6770 with the release of Firefox 150. The organization assigned the flaw a ‘medium severity’ rating anddescribedit only as “other issue in the Storage: IndexedDB component”.The Tor Project has also adopted the patch, rolling it out to users last week with the release ofTor Browser 15.0.10.Related:Chrome 144, Firefox 147 Patch High-Severity VulnerabilitiesRelated:GhostPoster Firefox Extensions Hide Malware in IconsRelated:New Firefox Protections Halve the Number of Trackable Users

The Tor Project has also adopted the patch, rolling it out to users last week with the release ofTor Browser 15.0.10.Related:Chrome 144, Firefox 147 Patch High-Severity VulnerabilitiesRelated:GhostPoster Firefox Extensions Hide Malware in IconsRelated:New Firefox Protections Halve the Number of Trackable Users

Related:Chrome 144, Firefox 147 Patch High-Severity VulnerabilitiesRelated:GhostPoster Firefox Extensions Hide Malware in IconsRelated:New Firefox Protections Halve the Number of Trackable Users

Related:GhostPoster Firefox Extensions Hide Malware in IconsRelated:New Firefox Protections Halve the Number of Trackable Users

Related:New Firefox Protections Halve the Number of Trackable Users

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment.

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Neill Feather has been named Chief Executive Officer at Point Wild.

Source: SecurityWeek