A self-reliant, full-time open source software developer lives off of donations to continue their work, put food on the table and put a roof over their head. Exploit brokers offer bounties on exploiting their work for tens of thousands regardless, money that could have helped these developers not live off waiting for the next donation or having to run fundraisers. There's an ethical question behind an industry like that.

Replies (2)

That's an incentive for developers to introduce vulnerabilities on purpose, so that they can "find them" later down the road and be paid again for the same job.