vulnerabilities were not caused by using C, they were caused by human error. C may be harder to read, but it is way faster than most of the alternatives.
Perhaps you missed the part of the drama where it was revealed years ago that OpenSSL prefers to roll it's own malloc rather than work out issues in their code that were exposed when porting to other platforms? OpenSSL would just have rolled their own shit to circumvent whatever protections you think other languages provide.
It's the attitude that was wrong, not the language. Stupid always finds a way. Back in the day, porting to different compilers and platforms was one way to find and quash bugs. Nowadays I guess you can just pitch a single OSS compiler and rely on it's implementation details and bugs. Drag your own chunks of libc around and presto, no porting headaches. That's such a stupid attitude.