It’s not “a weakness.” It’s many weaknesses chained together to make an exploit. Apple patches these as they are found. NSO then tries to find new ones to make new exploits.

Apple lists the security fixes in every update they release, so if you want to know what they’ve fixed, just read those. Known weaknesses get fixed. Software like Pegasus operates either by using known vulnerabilities on unpatched OSes, or using secret ones on up to date OSes. When those secret ones get discovered, they’re fixed.