Would there be any security vulnerabilities to worry about for a phone with unlocked
bootloader?
Not really. You know you can easily erase your Android phone remotely using find my device app?
Especially with the custom ROM your phone is actually more secure than any other stock firmware.
Yes there is. But it is more about being in your possession, like leaving it at work with debugging on and someone connects to it. Is your house secure when you lock the door? If you leave your house keys with a friend someone can always make a copy of the key and get in. Kinda like 2 factor verification seeming secure. How was Jack’s Twitter account hacked?!
BUT… Having unlocked bootloader lets you “cut your own key” so to speak, no hidden backdoors or proprietary exploits (or less likely within the opensource community) So actually much better for the user, not the corporate entity.
Lol so true