Hacker News
by mysterydip 3282 days ago
People have, in the past. The problem is that we will never remove all 0days until we stop releasing software. That's not to say we shouldn't try (to Quarrelsome's point), but eventually the stockpile today will be obsoleted by the stockpile of tomorrow. And if nation states didn't have a pile, the seedy side of the internet would, alongside trading botnets, credit card lists, etc. My point being that while noble efforts, it won't go away and we need to figure out how to deal with it.

Here's one reason such a stockpile could be used for good: say a previously unknown vuln is attacking "our" (whoever that is for you) infrastructure. The command and control has been traced back to a cluster that's vulnerable to one of the weapons in your stockpile. Now you can potentially disable it, stop it spreading, tell all of them to run an updated version of the code that essentially does nothing, etc. For all I know, this could have happened already.