Security: Private Data Exposure with Autofill
Reported by
nicks.po...@gmail.com,
Jul 6 2016
Issue description

VULNERABILITY DETAILS
Autofill can be used to trick the user into sharing private information such as the full name, address or even credit card details. This happens due to the fact that filling out one form field using autofill fills out all the other available form fields automatically, as long as matching information is available.

A possible mitigation would be to fill in only fields that are visible, so that users have at least a chance of seeing what is being autofilled and thus shared upon submission. However, even in that case the data might have already been shared, because it's probably already available via JavaScript. I didn't test that, as it's only an additional vulnerability.

VERSION
Chrome Version: 50.0.2661.102 + dev
Operating System: Ubuntu 15.10

REPRODUCTION CASE
Load a page with the following HTML form:

    <form action="https://example.com/test">
      <input type="text" name="email" autocomplete="email">
      <input type="text" name="name" autocomplete="name" style="opacity:0">
      <button type="submit"> submit </button>
    </form>

By clicking into the email field, the user gets suggestions to autofill his own email (as long as autofill is enabled and that information is available). When clicking onto the suggestion, the "name" field is autofilled as well, even if the user didn't intend to fill it. He doesn't even know the field exists.

The user thinks he fills in just his email by using autofill, but additionally, all other fields are filled in at once, even invisible fields that the user can't check and correct. (Note: This doesn't apply to type="hidden" input fields, just visually hidden fields.)

autocomplete="name" can be replaced with other autofill properties such as the user's address or credit card information. All available fields are listed here: https://developers.google.com/web/updates/2015/06/checkout-faster-with-autofill

By clicking "submit", any private hidden details are exposed to the resource pointed to via "action".
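A defender-side check for the pattern in the reproduction case above, as an added example that is not part of the original report or of Chromium: it flags fields that carry an explicit autocomplete token and are rendered but not visible. The snapshot shape, function names and thresholds are assumptions, and the sample data is constructed from the report's form plus one constructed off-screen field.

```javascript
// Added example; names, snapshot shape and thresholds are assumptions.
// A field snapshot is a plain object so the check also runs outside a browser.

// Why a rendered field is invisible to the user (empty array = visible).
function hiddenReasons(f) {
  const reasons = [];
  if (f.display === 'none') reasons.push('display:none');
  if (f.visibility !== 'visible') reasons.push('visibility:' + f.visibility);
  if (parseFloat(f.opacity) < 0.1) reasons.push('opacity:' + f.opacity);
  if (f.width < 2 || f.height < 2) reasons.push('near-zero size');
  if (f.x + f.width <= 0 || f.y + f.height <= 0) reasons.push('off-screen');
  return reasons;
}

// Simplification: only explicit autocomplete tokens count as autofill targets;
// type="hidden" is skipped because the report says it is not autofilled.
function isAutofillTarget(f) {
  const token = (f.autocomplete || '').trim().toLowerCase();
  return f.type !== 'hidden' && token !== '' && token !== 'off' && token !== 'on';
}

function findConcealedAutofillFields(fields) {
  return fields.filter(isAutofillTarget)
    .map(f => ({ name: f.name, autocomplete: f.autocomplete, reasons: hiddenReasons(f) }))
    .filter(r => r.reasons.length > 0);
}

// Browser-only adapter (not called here). Limitation: an ancestor with opacity:0
// hides the field without changing the field's own computed opacity.
function snapshotForm(form) {
  return Array.from(form.querySelectorAll('input')).map(el => {
    const cs = getComputedStyle(el), r = el.getBoundingClientRect();
    return { name: el.name, type: el.type, autocomplete: el.getAttribute('autocomplete'),
      display: cs.display, visibility: cs.visibility, opacity: cs.opacity,
      x: r.left, y: r.top, width: r.width, height: r.height };
  });
}

// Constructed sample: the report's two fields plus one constructed off-screen field.
const base = { type: 'text', display: 'inline-block', visibility: 'visible', opacity: '1',
  x: 10, y: 10, width: 150, height: 20 };
const SAMPLE_FIELDS = [
  { ...base, name: 'email', autocomplete: 'email' },
  { ...base, name: 'name', autocomplete: 'name', opacity: '0' },
  { ...base, name: 'card', autocomplete: 'cc-number', x: -5000 },
];

console.log(findConcealedAutofillFields(SAMPLE_FIELDS));
```

In a browser, `findConcealedAutofillFields(snapshotForm(form))` runs the same check against a live form.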
Oct 13 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by palmer@chromium.org, Jul 6 2016
Status: Duplicate (was: Unconfirmed)