Also Chrome was caught out last year, by non other than their own ProjectZero, with a vuln in their unsecured GPU code.