Yes (with caveats)

In todays world, web based exploits are pretty rare. The only time you really see this happen is with full proprietary systems like IPhones because the software stack on those is all intertwined between kernel code and user code, and things like sending a text message with some formatted characters can lead to reboots of phones. But even then, to gain a full command line shell or steal secrets is either impossible due to attack surface, or requires the phone to be in a specific state, like fully factory reset.

The only real danger is chains of trust being compromised, as in some attacker manages to insert malitious code into an already trusted app that uses these exploits.

On a side note i get kick out of reading HN comments about exploitation and hacking. I think people firmly believe that with enough time, a hacker can figure out how to basically take over your phone given any exploit, no matter what it is.