White Hat Institute

Chrome should be updated to patch a new zero-day vulnerability that has been discovered recently

[Image: Chrome zero-day. Retrieved from blog.malwarebytes.com]

Google has released patches for five security flaws in its Chrome web browser, including one that it says is being exploited in the wild, making it the 17th zero-day vulnerability to be disclosed since the beginning of the year.

The issue, which has been assigned the identifier CVE-2021-4102, is a “use-after-free” bug in the V8 JavaScript and WebAssembly engine that could have serious consequences, ranging from data manipulation to the execution of malicious code.

It’s unclear how the bug is being used in actual attacks right now, but Google published a brief statement saying, “it’s aware of claims that an exploit for CVE-2021-4102 exists in the public.” The statement is kept brief to make sure that the majority of users are updated with a patch and to deter other malicious actors from exploiting the vulnerability.

CVE-2021-4102 is the second “use-after-free” flaw in V8 that the company has patched in less than three months following indications of ongoing exploitation; the first, CVE-2021-37975, was discovered by an anonymous researcher and fixed in a September 30 update. It’s uncertain whether the two problems have anything to do with one another.

With this newest version, Google has patched a total of 17 zero-day vulnerabilities in Chrome this year. The list of vulnerabilities is as follows:

To reduce the risk of ongoing exploitation, Chrome users should update to the newest version (96.0.4664.110) for Windows, Mac, and Linux by going to Settings > Help > ‘About Google Chrome.’