> Like, does COBOL allow out-of-bounds memory access?

Modern COBOL compilers will catch this with an error; if you do manage to compile and run, you'll get a runtime error or immediate crash.

> How does it compare to C or Rust as far as allowing ‘accidental’ security lapses?

COBOL has reference modification that can easily be purposefully used to reference memory outside the bound of the original data you target. It isn't memory safe, it's just very restrictive so many errors/misuses get weeded out during compiling.