From time to time somebody suggests that perhaps the GrapheneOS project might look into collaboration with OnePlus. This recent report from The Register suggests a concerning approach to security: "OnePlus leaves researchers on read over Android bug that exposes texts" (2023-09-23).
Security vulnerabilities happen to everybody, but what happens after one is reported matters a lot.