graphviz: Exploitability for CVE-2023-46045 may be uncommon because this file is typically owned by root, but is related to an out-of-bounds read via a crafted config6a file. A welcoming fix was provided.

I can’t imagine a single reason to use graphviz other than legacy code. Its algorithms are classical and old. Maybe someone should rewrite it in Rust, but even that might be an overkill.