Why would this matter to the NSA? When you are handed a master key, why bother to pick a lock?
I see your point, but there are many locks, not just one. And, how do we know these are truly vulnerabilities and not just exposed backdoors? Doing it this way adds an element of plausible deniability for the corporations when the NSA wants even more illegal/unethical/controversial/unconstitutional access (foreign and domestic) beyond a few basic backdoors that can be sealed by knowledgable targets.
If you doubt this happens, Microsoft (with ~95% OS market share) and others have already been exposed for doing this:
In other words, this is all to bypass security safeguards put in place by targets (a.k.a. innocent people who have proprietary business secrets, etc.).
If you own a business and don't lock down your business secrets with your own methodologies and trusted, solid, well-researched third-party solutions, then it's likely some quasi-governmental corporation already has your potentially valuable secrets in a database right now, ripe for the plucking.
It adds an entirely new meaning to security exploitation, doesn't it?