Security firm Fingerprint discovered a vulnerability in Firefox that allowed websites to track users by exploiting uniquely ordered retrieval of non-sensitive database metadata, enabling fingerprinting even in private browsing and the Tor browser. Mozilla patched the issue in Firefox 150 on April 21, 2026 after Fingerprint’s responsible disclosure, and researchers warn similar entropy-related flaws may surface as new AI models like Anthropic’s Claude Mythos emerge. #Firefox150 #Fingerprint
Keypoints
- Fingerprint identified a metadata-retrieval flaw that enabled persistent fingerprinting.
- The issue could track users in private browsing modes and the Tor browser.
- Mozilla fixed the vulnerability in Firefox 150, released April 21, 2026.
- The root cause was insufficient entropy in how database metadata were ordered and presented.
- Researchers expect more similar privacy weaknesses to be discovered as next-generation AI tools evolve.
Read More: https://matthewrosenquist.substack.com/p/privacy-vulnerability-in-firefox