by shakow 19 days ago
Your second paragraph doesn't hold after one minute spent reading the CVEs list.

Nil references in Go aren't likely to be a source of CVEs. Dereferencing a nil reference is not undefined behavior in Go; it's guaranteed to panic.
Not all CVEs are RCE. This one[1], for instance, is caused by a nil dereference in Go.

[1] https://access.redhat.com/security/cve/cve-2025-29785

This is a bug that could also happen in Rust if someone used 'unwrap', or if the code panicked for any other reason. You can have logic bugs in any language. Remember the Cloudflare outage of Nov 2025.

It's also worth noting that the vulnerability you link to is a denial of service vulnerability. While yes, this is technically a vulnerability, it's not the sort of thing that people are usually worrying about in the context of null pointers. If features that give rise to DoS vulnerabilities are the ones to worry about, top of the list would have to be backtracking regex engines: https://owasp.org/www-community/attacks/Regular_expression_D...
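As an added illustration that is not part of this thread, the Go program below shows the two points made above: a nil dereference is a defined runtime panic (a `runtime.Error`), not undefined behaviour, and a deferred `recover` turns it into a failed call instead of a crashed process, which is the difference between a single failed request and a denial of service. `Config`, `describe` and `safeDescribe` are constructed names for the example.

```go
package main

import (
	"fmt"
	"runtime"
)

// Config stands in for any struct a request handler might look up (constructed for this example).
type Config struct {
	Name string
}

// describe dereferences cfg without a nil check. With a nil *Config the Go
// runtime raises a panic whose value implements runtime.Error; there is no
// undefined behaviour and no memory corruption, only the panic.
func describe(cfg *Config) string {
	return "config: " + cfg.Name
}

// safeDescribe wraps describe with a deferred recover. A nil-dereference
// panic becomes an ordinary error for this one call, so a server built on
// this pattern fails one request instead of terminating the whole process.
func safeDescribe(cfg *Config) (result string, err error) {
	defer func() {
		if r := recover(); r != nil {
			// Nil dereferences, index out of range, etc. arrive as runtime.Error.
			if re, ok := r.(runtime.Error); ok {
				err = fmt.Errorf("recovered runtime error: %w", re)
				return
			}
			// Anything else (an explicit panic(...) in user code) is reported as-is.
			err = fmt.Errorf("recovered panic: %v", r)
		}
	}()
	return describe(cfg), nil
}

func main() {
	if s, err := safeDescribe(&Config{Name: "prod"}); err == nil {
		fmt.Println(s)
	}
	// The nil case panics inside describe and is recovered here.
	_, err := safeDescribe(nil)
	fmt.Println("nil config:", err)
}
```

Go's net/http server already recovers from panics in individual handlers, so the process survives, but each such request is still a failed request, which is why the linked CVE is classed as denial of service rather than code execution.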