Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.