It is just you. That statement is quite an exaggeration. Just as most of the "vulnerabilities" that are found are. Companies like FireEye and Zimperium exist for situations just like this. They have a team of people scouring available source code looking for any little flaw and then when they find something like this they send out press releases and hype it up as the next big doom and gloom phone destroyer so that people will buy their security app. But, when looking into the details you find that this bug only really affects phones running Android less than 4.4 and on the Qualcomm chipset. Many phones back in that era used a TI chipset instead so that limits the numbers right there. And then, when you look at what it is supposedly capable of you see that the worst it could do under ideal circumstances is to steal SMS and phone call data so it could gather who you call and text. But, just like the infamous StageFright vulnerability there still hasn't been a single documented case of it being exploited in the wild because of all of the other Android security in place to mitigate such risks.
The fact that these old bugs are being found is because of the open source advantage that you mentioned. There is no telling how many vulnerabilities exist in iOS devices because the code is not open for review. This is, of course, good and bad, depending on who happens to stumble across the vulnerability first.
Also, no one who cares anything about security should be using Android older than 4.4 or even 5.0. That is like using Windows XP or even Windows 95 and complaining that it has security vulnerabilities.