chromium, sid is vulnerable to remote code execution (RCE). It is possible due to an insufficient data validation flaw found in the V8 component of the Chromium browser.
packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html
packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html
packetstormsecurity.com/files/162144/Google-Chrome-SimplfiedLowering-Integer-Overflow.html
chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
crbug.com/1150649
security-tracker.debian.org/tracker/CVE-2020-16040