If 20 years ago you told me a single piece of software had 428 vulnerabilities I wouldn't have believed it.
If Chromium has that many security bugs, perhaps the move fast and break things approach of spraying diarrhea masquerading as code into a keyboard — in a rush to add new features no one asked for — needs to be reexamined.
Open source has proven over that time that the community can produce just as awful software and that many eyeballs are not in fact looking at it.
For something as complex as an operating system or a web browser, even one from 20 years ago (say, Windows XP or IE/Firefox) I wouldn't have believed there were 428 vulnerabilities either, I would have assumed there were much more than that.
If only real intelligence found the fucking things instead.
As ye sew, so shall ye reap!
Probably working as intended...