I'm pretty sure there are tons on unreleased and unpublished backdoor exploits for linux and windows likewise. The problem is you can't fix them yourself if the signature keeps unknown to anyone.
“Backdoor” means something deliberately and specifically added to enable the vulnerability. I.e., something can't really be both a backdoor and an exploit.
Really? I think of a backdoor as a deliberate vulnerability, and the exploit as the attack (or attack code) that makes use of any kind of vulnerability.
Let's say the NSA adds a backdoor. If someone else finds it, isn't that an exploit?
Very similarly to yourself, but I would say backdoor and vulnerability are mutually exclusive (kinda? I guess a backdoor is a deliberate vulnerability but I think you know what I mean) yet both can be exploited (the exploit being the client side code, if you will).