Compiler engineers like fuzz testing. You'll find a bunch of infra for it in llvm. That should mean the easy targets have already been hit, though I wouldn't be too confident of that stance.
Plus there are hordes of academics using Clang/GCC as targets for bug-finding papers. The Csmith [1] paper alone has over a thousand citations at this point. I'd assume most of the low-hanging fruits are picked.
In my humble experience, both in academia and the cybersecurity industry, there are relatively few individuals and teams with the drive necessary to discover the most challenging bugs, especially compared to the sheer scale of the challenges. Fuzzing is just one example of this. Additionally, with billions of lines of code, it takes significant time for research to translate into real-world engineering practices.
One example of a higher order reasoning about this is [1] (includes metrics).
