Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
https://chromereleases.googleblog.com/2021/08/the-stable-channel-has-been-updated-to.html