Google has released Chrome update 89.0.4389.90, in which Fixed five vulnerabilities, including CVE-2021-21193, already used by cybercriminals in exploits (0-day). The details have not yet been disclosed , it is only known that the vulnerability is caused by accessing an already freed memory area in the Blink JavaScript engine.
The problem is assigned a high, but not critical, hazard level, i.e. it is indicated that the vulnerability does not allow to bypass all levels of browser protection and is not enough to execute code on the system outside the sandbox environment. By itself, the vulnerability in Chrome does not allow bypassing the sandbox environment, and a full-fledged attack requires the use of another vulnerability in the operating system.