Ppl forget
Ppl forget that "responsible disclosure" was originally designed to provide a benefit to the then bug finder elite. They needed a way to monetise their time investment, so they became "consultants", selling themselves to various IT organisations. Trouble was their less famous mates were releasing 0-days on usenet, which was kinda embarrassing and also limited their income.
Responsible disclosure meant doing it the corporate way, and thus generated cash for certain ppl. It also provided a cheap way to bash ppl that didn;t abide by the rules - "oh he's very irresponsible for releasing that without giving it to us for free first!" That kind of thing was likely to put a dent in your CV and prevent you from drinking at the watering hole with the big guys.
The bugs are valuable information, so why should it be given freely to a corporation to benefit from? If you think that's the way it should be then I suggest you also look at the patenting of drugs - knowing how to make Herceptin etc is a very valuable piece of information, and helps lots of ppl. I still don't see it being given away for free...
Why? Because it takes a lot of time and effort to create and test it, and ppl should be recompensed for that otherwise nobody else is going to put that kind of time and effort into discovering things which would be a bad thing.
Plenty of ppl out there stand to benefit from exploits, and they're not the kind of ppl you want benefiting from them. It therefore stands to reason that if you want the "good" guys to know about them first that there's an incentive for ppl to tell them and not the bad guys. If not, don't bother complaining when your mate sends you a PDF and you subsequently need to spend 3 months sorting out your credit score.