I don't know why you're being downvoted. My mind immediately went to this, given the relative obviousness of the exploits (compared to the massive supercomputer fuzzing runs done by Project Zero &c), and given their refusal to either document or fix these serious vulnerabilities in several releases.