Google has yet to reveal full details of the flaw and has imposed a seven-day disclosure deadline because of this.
The company has issued patches for Windows, macOS and Linux but the Chrome versions running on Android, iOS or Chrome OS have yet to be fixed.
iTWire has contacted Google for comment.
Commenting on the bug, Satnam Narang, senior researcher engineer at security firm Tenable, said: "At this stage, details about the vulnerability (CVE-2020-6418) are minimal. However, researchers have published a proof-of-concept exploit for the flaw.
"Typically, we see these types of vulnerabilities paired with a sandbox escape flaw, which can be used to gain arbitrary code execution. For instance, a type confusion vulnerability in Mozilla Firefox was exploited along with a sandbox escape vulnerability in June 2019 as part of targeted attacks.
"However, no further information about the possibility of a second vulnerability associated with this attack is currently available.
"To mitigate this, be sure to identify vulnerable assets and apply the latest patch for Google Chrome in a timely fashion."