Re:bugs != exploits (Score 1)

The article does not conflate defects and security risks. It clearly separates them: "The analysis resulted in 655 defects and 71 potential security vulnerabilities." Some security vulnerabilities can fall directly under the 'software bug' or 'defect' umbrella while others can be found off roaming in fields of coding semantics and input validation routines. The difference is subtle and subjective. Also, in the article, the 655 defects are broken down into sub-categories and probably 'Security Vulnerabilities' is just another category but it is a better attention grabber. Cheers.