In short, because bad actors would find new ones.

Maintenance costs money, and the software was first released in the mid-90s. At some point, you just have to sunset the system because for as long as it’s in widespread use, it’s going to remain a lucrative target for people to find new vulnerabilities to exploit.