Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Google Chrome Releases reports:
21 security fixes in this release, including:
 High CVE-2016-5181: Universal XSS in Blink. Credit to
 High CVE-2016-5182: Heap overflow in Blink. Credit to
Giwan Go of STEALIEN
 High CVE-2016-5183: Use after free in PDFium. Credit
 High CVE-2016-5184: Use after free in PDFium. Credit
 High CVE-2016-5185: Use after free in Blink. Credit to
 High CVE-2016-5187: URL spoofing. Credit to Luan
 Medium CVE-2016-5188: UI spoofing. Credit to Luan
 Medium CVE-2016-5192: Cross-origin bypass in Blink.
Credit to firstname.lastname@example.org
 Medium CVE-2016-5189: URL spoofing. Credit to xisigr
of Tencent's Xuanwu Lab
 Medium CVE-2016-5186: Out of bounds read in DevTools.
Credit to Abdulrahman Alqabandi (@qab)
 Medium CVE-2016-5191: Universal XSS in Bookmarks.
Credit to Gareth Hughes
 Medium CVE-2016-5190: Use after free in Internals.
Credit to Atte Kettunen of OUSPG
 Low CVE-2016-5193: Scheme bypass. Credit to Yuyang
 CVE-2016-5194: Various fixes from internal audits,
fuzzing and other initiatives