Any public facing software/firmware is always being probed for exploits. This is one of reasons we are always exhorting users to stay current.
Most OpenWrt packages aren’t explicitly managed in house, so in many of the CVE’s that arise, the issues have already been looked after upstream.