alt Hacker NewsIt's likely varies enormously between projects. Linux remains extremely low in slop, and the vulnerabilities being fixed are quite old, so it's improving. Many vibe coded projects are very sloppy, and are adding a lot of vulnerabilities.
Total number of vulnerabilities likely goes up over time weighting all projects equally, but goes down over time weighting by usage.
I mean - you're spot on - which is why I'd be more inclined to ask for actual metrics rather than feels/vibes, and I'd be very clear that the information I was basing my thinking on has enormous pitfalls.
This is the basis for "correlation points to possibly fertile grounds for an investigation"