Have you read Gibson's "Sprawl" and "Bridge" trilogies? I read them > ten years ago and haven't read any sci-fi since, these books kinda put a subconscious "it does not get better, better diversify into other genres" attitude into my brain and personally I'm OK with that. Was reading a lot of sci-fi before that.
So many CVEs are due to their bug bounty program, hackers are incentivized to sell vulnerabilities to Google rather than exploiting them. CVEs are publicly disclosed after they are fixed, of course.
The CVEs are due to the bug reporting, the bugs are not.
The point is that memory safety bugs are the gift that keeps on giving.
You can throw as much money into the problem as you want, and the inherent complexity of memory management means you are still gonna ship bugs of all severity.