> ~70% of the vulnerabilities Microsoft assigns a CVE each year continue to be memory safety issues
https://msrc-blog.microsoft.com/2019/07/16/a-proactive-appro...
There are similar reports from other organizations.