Yes, the NSA has been accused of colluding with RSA to promote the Dual_EC_DRBG random number generator as a standard, despite claims that it contained a backdoor. https://en.wikipedia.org/wiki/... . The NSA has also been accused of interfering with standards that would enable ubiquitous effective encryption for popular communications tools, such as phones and email, resulting in the current hodgepodge of patchwork. Sure, you may use TLS to send and retrieve your email to and from your ISP, but the data is unencrypted in their servers, and is vulnerable to interception there. Your cell calls may be encrypted, but Chris Paget demonstrated at DEFCON how easy that is to defeat, using his almost legal homemade version of a Harris Stingray. And the encryption algorithms used by cell phones only protect the data flying over the airwaves, not on the cellular wired infrastructure which is already required to be vulnerable by CALEA.
However, the existence of one backdoor in one algorithm does not prove or disprove the existence of backdoors in other algorithms. Most exploitable weaknesses we do know about come from either protocol flaws or implementation errors, and these auditors found evidence of neither.