It's not a simple matter of how frequently it occurs, the fundamental question is one of rigor. The principal difference between craftsmanship and engineering is also rigor. Historically, the ability to prove your code was free of classes of error required sacrifices that few practicing software developers could or would accept (e.g., formal proofs, use of "niche" languages, uncomfortable toolchains, etc.).

What's got people excited is the evolution of these systems which have a rich intersection between rigor and usability (to include ecosystem, tooling, etc.). The ability to statically eliminate classes of error with good (or maybe good enough) ergonomics means these questions of "how frequently does this occur" are not relevant - you can drive such occurrences to zero and doing so should become table stakes. This is a proper engineering mindset.

None of this is to dismiss craftsmanship, which definitely has its place. And before the ability to practically apply rigor, that's all there was. After all, people have been building complex systems for centuries without the benefit of modern mathematical foundations. But none of those are good reasons to eschew rigor when it is within reach and when the systems you develop are big/complex/widely-used enough.

You think this until you're on the front line exposed as attack surface directly or indirectly via linkage. This is a knowledge category where ignorance really does give people unfounded confidence.

What does linkage have to do with anything? Why would statically linking in go be more safe than in C?

The continuous growth of CVE entries shows otherwise.