Sadly, there are cases where exec() is impossible to avoid - for example, every kind of tool that doesn't have a proper library and language bindings. See git and the grit library for an example.
True, but there is a lot of software out there where people don't do that. Might be interesting to find vulnerabilities that are slightly less obvious.