PRIVACY ISSUE
Information from old tabs is still appearing in chrome weeks after the tabs were closed, the website was signed out of, and local data was deleted. To be more specific, I accessed my credit card statements in chrome (by logging on to my bank's website and opening my statements). After closing those tabs, I still see the statements flash on screen briefly when I switch to a different tab (previously existing tab, but not a tab that had that particular website displayed), before the correct contents of the tab are actually displayed. 

In fact, I actually just encountered the bug again while filing this report. I had the bug report form open in a brand new tab about an hour ago. I closed that tab also about an hour ago. I opened this current form in a new tab about 5 minutes ago, and when switching to an existing tab (that was not the tab I had used for the old bug report session), my old bug report session flashed briefly on screen. 

VERSION:
Chrome Version: Version 68.0.3440.106 (Official Build) (64-bit)

Operating System: MacOS High Sierra 10.13.3

REPRODUCTION STEPS
Steps to reproduce:
  1. Open a website in a new tab, in a session with other tabs open.
  2. close the tab from 1.
  3. Open some other new tab (unsure if this step is necessary)
  4. Switch to one of the previously existing tabs and observe that it briefly flashes the old tab. 

Reproduction tips: the chrome application has been running on my computer for, I believe, upwards of a week without being restarted or closed. The "existing" tabs may have been open for up to 24 hours, but I'm not completely sure. I do, however, think that they were not accessed between the beginning of the reproduction (step 1) and the end of the reproduction. I'm am not at all certain whether session duration or tab-open-duration is a factor, but I figure it's helpful to at least clarify that it could be a possibility.

Attack scenario / reason for privacy and security concern:
The fact that images of an old--long-since closed--tab is still flashing on screen weeks after the site was last visited suggest that this image exists somewhere in memory, likely in some sort of cached data. 

This could be exploited in two ways: 
First, if the cached image could be located and retrieved, an attacker could view a secure page that the user thinks they have closed and signed out of. In this case, it seems like this could happen weeks after the page was last visited. 
Second, screen recording software could be used and the attacker could go back, view the recording, and pause on a frame displaying the confidential information. 

Access to the computer--either direct access or access through some other vulnerability that would give the attacker access to data in memory--would be a pre-requisite for the attack. However, I feel that it nonetheless constitutes a security risk, as users do not expect that website data will remain accessible/viewable after they've closed a given tab and deleted any corresponding files from local storage.