A vulnerability was discovered in Firefox-based browsers, including Tor Browser, that allows websites to derive a unique identifier from the order of entries returned by IndexedDB, even in private browsing mode. This identifier can be used to track users across different websites and sessions. The issue has been fixed in Firefox 150 and ESR 140.10.0, and Tor Browser has also released an update. The vulnerability highlights the importance of considering privacy implications in browser implementation details.