Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities?
Coinomi had a really severe vulnerability where they sent the mnemonic code to the google server to check the spelling of the words.
While mistakes can happen, the developer claimed that this isn't as sever since google employees stealing funds would be unlikely. They completely ignored any other attack surface coming from that vulnerability.
The really important thing is not that the vulnerability existed, but the missing competence from the developer to acknowledge it. There are better wallets with more competent developers available.
Then how these wallets are considered as best crypto wallets for everyone even in 2020?
There is no central authority who gives out a prize for the "best wallet".
People might choose them as the best wallets for random reasons (e.g. good UI and easy to use), they don't necessary have the technical knowledge to question it form a technical perspective.
This is a really weird misrepresentation of the facts. Did you even bother to read our official announcement on the incident? Apparently not. We totally acknowledged the incident and put together an action plan to make sure no user funds are at risk, this is why we were in contact with Google and the Police authorities from the very first day that this bug was disclosed to us. And since you brought this up it would be also nice of you to mention that this bug only existed in this very particular version of our then-newly-released desktop wallet so mobile clients were not affected at all and even in desktops it would only be present if the user would try to restore an existing wallet into their desktop app so it also wasn't present in newly set up desktop wallets. The most important thing that you also fail to mention is that no user lost money from this bug (or from any other bug for that matter) and that we went a really long way to make sure that sensitive user data was only available to their owners and nobody else. If you want to call this incompetence then so be it, we are here to serve the crypto community in the best way like we've been doing for the past 7 years, not to convince you or anybody else about anything but we would really appreciate it if you stopped misrepresenting the facts. It would also be nice of you to mention that there have been bugs in all wallet clients from every single vendor from time to time and that in most instances users have permanently lost their funds, and that includes many open-source wallets too.
We mentioned this in one of our recent posts on this forum and we do this again here: we are working on an open-source solution that will be released soon to address these concerns. Our 24/7/365 Customer Support will be happy to assist you along the way via Live Chat, email and on several media platforms. Thank you.