CVE-2016-1586

A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.
Source: NIST
CVE-2016-1586