In the early days of WebGL some browsers leaked information via uninitialized GPU memory, so an attacker could potentially read texture data left behind by other processes.
Todays WebGL implementations take care to wipe new memory allocations with zeros before letting the untrusted script do anything with them though.
That's the same than starting a process and mallocing some memory; you will have the garbage of the previous process... Because you have no idea who owned that memory and what it was used to it would be hard to build something on top of that. This being said it's not a bad idea to zero stuff when you start to use them.
Todays WebGL implementations take care to wipe new memory allocations with zeros before letting the untrusted script do anything with them though.