This implies that "there can be only one." The idea that you could effectively prove that a seller is keeping their side of the bargain also implies that no one else would discover it.
It just means that the seller is incentivized to minimize the number of people that know about the vulnerability. Which is effectively what "exclusivity" actually means, at least in this case.
As an additional point, if either side becomes known as a bad actor in the market, they will severely limit their ability to operate. There is some short term incentive to be dishonest (more money now), but in the long term it removes the ability to earn in the future. Like selling your fishing rod for fish today, tomorrow you'll be hungry again, only now you can't fish. (To butcher a cliche.)
