The near serious of these security department flaw , delegate CVE-2021 - 37977 , might be habituate to execute arbitrary inscribe on a target organisation . An nameless researcher happen upon the supply , which was separate as a utilise - after - unloosen flaw in Garbage Collection , end calendar month . Google claim to have give a $ 10,000 reward for the find . Chrome edition 94.0.4606.81 is directly usable for screen background exploiter , and it as well pay back two pot soften runoff exposure in Blink ( CVE-2021 - 37978 ) and WebRTC ( CVE-2021 - 37979 ) . Yangkang ( @dnpushme ) of 360 ATA and Marcin Towalski of Cisco Talos , respectively , reported the have-to doe with . allot to Google , each of the report researcher receive $ 7,500 . CVE-2021 - 37980 , an faulty implementation in Sandbox , is the fourth high - harshness job right with the electric current Chrome translation . The account researcher , Yonghwi Jin ( @jinmo123 ) , was grant a $ 3,000 motivator for the find . aggressor could utilise specially plan webpage to compromise a visitor ’s arrangement and potentially do inscribe in the web browser setting by overwork these vulnerability . Chrome pass stalls transfer for Windows and Mac has too been update to variation 94.0.4606.81 , allot to Google . The hunting locomotive colossus defecate no citation of any of these fault being expend in target outrage . withal , there have been over a xii documented zero - daytime aggress point the Chrome and Android political program soh Army for the Liberation of Rwanda this twelvemonth .