Though at its face, this sounds like good news, a slight reduction in the number of reported and identified vulnerabilities does not really point to an improvement in the overall security of technology users.  In all honesty, I believe cybercriminals are more effectively leveraging existing vulnerabilities and taking advantage of the human element (phishing, adware, social engineering) to gain the access they desire.

https://www.darkreading.com/vulnerabilities—threats/vulnerabilities-dip-7–but-researchers-are-cautious/d/d-id/1333308