From this thread:
https://infosec.exchange/@TomSellers/111126339492371432
I found that these apps installed on my Mac are still vulnerable to the WebP exploit:

Arduino IDE, Keybase, Slack, and AdGuard for Safari. 

The first 3 I haven't launched in months, but... it certainly was A Choice that "AdGuard *FOR SAFARI*" contains an entire copy of "Chrome/100.0.4896.160" inside it.