Hacker News
[flagged]
colejohnson66 8 months ago



The title is, of course, a reference to The Onion:

https://en.m.wikipedia.org/wiki/%27No_Way_to_Prevent_This,%2...


Funny Onion template, but how much C is there in the world compared to other languages? I'm guessing a ton more.


There's definitely a lot of C, so it's not unlikely that any given ordinary problem might appear in a codebase that happens to be C. It's also possible some issues are specific to C and they're only common because there's so much C.

It would be very interesting to remove C code all over the world and see what issues still happen a lot. Obviously we can't run an experiment like that, but to be honest I'm pretty sure I already know what would happen.


You don't understand!

C is a native language of computer

When C code is being executed then semiconductors are well aware of it and perform their work more reliably and faster due to nativeness.

Such a phenomenon doesn't occur when the code is executed in some kind of VM or is a result of translation of some impure higher level language.

C has no flaws, it just offers pure power, but people do not read all those hundreds of pages of secure coding guidelines.

Other (childish) languages decided that they will fight security issues at technology level (type system, compiler, good stdlib), but here in C we write code that runs at scale, so we must approach challenges in scalable way and guess what - what scales better than humans? nothing! thus every C programmer must learn how to write safe code without relying on technology that can be bugged/flawed, etc.

You might think that data shows that this approach doesn't work, but this is a fallacy!

Hackers find this many issues because C-based software is thousands of times more valuable than software written in impure languages, so in reality if you put the same kind of effort into breaking into Java/C#/Rust-based systems as you do when attacking pure C system, then you'll find at least orders of magnitude more CVEs



