That's one of the arguments for SaferCPlusPlus[1]. It's a (high performance) option for retrofitting memory safety to existing C/C++ codebases. It requires (straightforward) modifications to the existing code, but involves much less effort than a complete rewrite. A tool to (mostly) automate the required modifications is being worked on. (But more resources might hasten its progress, if any of those well-resourced entities wanted to redirect some of their efforts from vulnerability detection and mitigation to prevention :)

Just out of curiosity, what kind of performance penalty are people be willing to accept in exchange for memory safety?

[1] shameless plug: https://github.com/duneroadrunner/SaferCPlusPlus