Chrome uses sandboxing and a lot of safe tooling (wuffs, rust) for untrusted data.

curl is heavily fuzzed and you still mostly control what you are downloading unless the target is compromised.

With logs the attacker controls what goes into your logs.

And you don't need to really look very hard, there are a fair number of very recent stack and heap overflows: https://github.com/tstack/lnav/issues?q=is%3Aissue%20heap%20...