>In 2019, Microsoft security engineers reported that around 70% of security vulnerabilities were caused by memory safety issues.
Sh!tty programmers, poor coding standards. Code bloat. Poor specifications. Improper memory management. Lack of proper testing. etc, etc, etc.
Assembly on non-networked, air gaped small systems.
Yep. All of the above. Plus.