Jesse James, you missed a few addresses:
16mWzkk6iznyJQ3sKQRYxQ1Zr8xWpGMFWi
1B2wqabcETtQxPuacB5whni7GUjDn1oQQX
1BH4hyBMH8NoiscwiPngP23fVNN8wpJwrT
1HRhPdTXhTDMTM8C9C3Y8FGD1EKszkPGv
1K5XZhjCwbLYHwys86FvepaHt6tFiWb35T
1LfuyRkm9MrEXTz72hzpPsL46mzHEXfqWj
1MmE9r9QTN2GnP1TF7JhZSKPsubuXguJkb
1NujNX3cvbikAZMnKtETgSd7kvw7o93MRg
1PCrHhXxS8ZotDvgSA5WxpmtC1qNQchrPr
1Q4VVTsx6vgYth7iD9WnAgHvAj239PMaoL
1rPAkJSXWgnLFEiCzv3APUFLsi8Kzv3pX
Only one of these addresses is very recent. Maybe my script finds more keys, because I also catch an addresses when the R-value was used only once as long as the same R-value was used on another address twice.
Moreover, the two addresses 1Q8eetJs5wRpqR3b5FT9EHe6GD8Bges9Hm and 195Tycz7nVhV7aKw98nq74FdVYtyYyE1K7 are endangered by this transaction:
https://blockchain.info/tx/127da3144a02f16e1a5ccb67778a2f5f9924023ce9aa20c1c4d08be576cbb0b9I think it is not exploitable but as soon as one of the private keys is revealed, the other is also revealed.
I reran my script to try to catch the special case you mentioned but oddly was only able to confirm a subset of the ones you reported.
1BH4hyBMH8NoiscwiPngP23fVNN8wpJwrT
1HRhPdTXhTDMTM8C9C3Y8FGD1EKszkPGv
1MmE9r9QTN2GnP1TF7JhZSKPsubuXguJkb
1NujNX3cvbikAZMnKtETgSd7kvw7o93MRg
Checking my logic ...
Edit 1: My bad ... I think the discrepancy is caused by my parser ignoring transactions with non-canonical signatures (which stopped being allowed a while ago).
On an unrelated note I also just checked if there was any overlap between the set of signature r-values and the set of public key x coordinates ... ∅ ... if there were any that would have indicated the potential for more RNG issues.