While I agree with most of what you are saying (let's hope that 2021 will finally be "the year of memory-safe languages"), remote code execution issues also affect Java. https://securitylab.github.com/research/securing-the-fight-a... is just one of the latest prominent examples.
Yep, for sure. One of the things we see most frequently leading to code execution is still deserialization... but it's much more rare now, so a step forwards from my point of view.
lucb1e|5 years ago