And if you are a state agency who'd like to keep the undisclosed zero-days you rely on secret, spamming maintainers with reports makes sense.

As a bonus, if you find any actual zero-days in your mass-generated ones, you don't report them and get a new one to play with.

I mean. Makes sense until adversary states start walking through the same doors you’re using. At which point you might regret that maintainers are too flooded to deal with it.

Assuming, of course, said state agency is operating under sufficiently strategic governance and management…
