Firefox Vulnerability Allows Tor User Fingerprinting
The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on SecurityWeek.
Researchers have discovered a vulnerability that could allow threat actors to fingerprint Firefox users, even in Private Browsing mode. The issue also affects the Tor anonymity browser, which is based on Firefox.
The vulnerability, tracked as CVE-2026-6770, is related to the IndexedDB browser API, which is used for storing structured data on the client side.
Firefox stores IndexedDB database names using internal UUID mappings, and when a website lists those databases, the order they come back in remains the same across different sites while the same browser process is running.
Source: https://www.securityweek.com/firefox-vulnerability-allows-tor-user-fingerprinting/
Related breach coverage
- Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months2026-04-30
The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.
- Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure2026-04-29
The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it. The post Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure appeared first on SecurityWeek.
- Critical GitHub Vulnerability Exposed Millions of Repositories2026-04-29
The remote code execution flaw CVE-2026-3854 was found to impact GitHub.com and GitHub Enterprise Server. The post Critical GitHub Vulnerability Exposed Millions of Repositories appeared first on SecurityWeek.
- Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials2026-04-28
Federal prosecutors have been conducting a preliminary investigation since mid-February 2026 into alleged cyberattacks on Signal accounts. The post Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials appeared first on SecurityWeek.