A couple of comments:
It’s disturbing to see so many people arguing for performance over safety in core api of a platform that’s as widely used as node.
APIs whose semantics change based on the types of their arguments are confusing in statically typed languages, but dangerous in dynamically typed ones. Concise interfaces aren’t always elegant or expressive.
Interesting: a security bug emerging from lack of types.
No. You could easily write something like that on a typed language. The bug emerges precisely because the function behaves differently depending on type information.