There have been two vulnerabilities on OS X in recent months. “Poodle” which was an SSL issue and BASH which was an issue with the shell program. Those aside, you are correct in that the security model is much better in Linux/Unix/ OS X
The shell is bash and the vulnerability was called Shell Shock. Any system running unpatched code was evidently vulnerable, not exclusively MAC systems.
Yes, but “vulnerability” isn’t a synonym for “virus”. These terms have distinct meanings for good reason.