Mojira Archive
MC-256127

Translatable component with a selector of 0 crashes the game in ways that can be exploited

Explanation

In 1.6.x, the text system was completely overhauled to use JSON components for certain text components. In 1.7.2, a bug was introduced where clients could crash attempting to parse selective translation components with the index of 0 (e.g. %0$s). This bug has lingered in the component system starting from 1.7.x to the very latest version of the game, 1.19.2.

While 1.8 and beyond fixed the part where it could be used in chat to crash clients, it didn't actually fix the root cause of the exploit, and unfortunately there is a way to consistently crash clients with this exploit using signs. Worse yet, it works like a "chunkban" as the moment anyone goes near a sign with this exploit applied to it, their client instantly crashes.

Steps to reproduce

Works on 1.7.x:

  1. Load a world
  2. Use this command: /tellraw @p {"translate":"%0$s"}

Works on 1.8+:

  1. Load a world
  2. Get a sign with this NBT (depending on the version you use) using commands like /give:

    1.8 - 1.13.x:

    {BlockEntityTag:{Text1:"{\"translate\":\"%0$s\"}"}}

    1.14+:

    {BlockEntityTag:{Text1:'{"translate":"%0$s"}'}}
  3. Place the sign

Works on 1.16+:

  1. Load a world
  2. Use this command: /title @p title {"translate":"%0$s"}

TL;DR

To put it simply, this bug is exploitable and affects virtually every modern version of Minecraft: Java Edition dating back to 2013. It can be done in multiple ways (1.7.x with /tellraw, 1.8+ with signs and entity names, 1.16+ with /title, etc.), and instantly crashes vulnerable clients the moment they try to process the text.

I've attached a table that shows how each version deals with the exploit, along with several crash reports from various versions.
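For server operators who need to find affected text before clients load it, the following is an added example (not part of the original report and not Mojang's code) that scans a JSON text component, such as a sign's Text1 value, for translate strings carrying an explicit argument index of 0. The specifier regex and the function names are assumptions made for this sketch, and the sample inputs are constructed apart from the component quoted in the report.

```python
import json
import re

# Assumed specifier grammar for this scan: '%', an optional explicit index
# 'N$', then a conversion letter or a literal '%'. Not the game's own parser.
SPEC = re.compile(r"%(?:(\d+)\$)?([A-Za-z%])")


def zero_index_specs(template):
    """Return the specifiers in a translate string whose explicit index is 0."""
    return [m.group(0) for m in SPEC.finditer(template)
            if m.group(1) is not None and int(m.group(1)) == 0]


def find_unsafe(component, path="$"):
    """Walk a parsed component and collect (path, specifier) pairs.

    Every nested object is visited, so translate strings inside "with",
    "extra" or any other nested component are covered.
    """
    hits = []
    if isinstance(component, list):
        for i, item in enumerate(component):
            hits += find_unsafe(item, f"{path}[{i}]")
    elif isinstance(component, dict):
        for key, value in component.items():
            if key == "translate" and isinstance(value, str):
                hits += [(f"{path}.translate", s) for s in zero_index_specs(value)]
            else:
                hits += find_unsafe(value, f"{path}.{key}")
    return hits


def check_raw_json(raw):
    """Scan one raw component string, e.g. the value of a sign's Text1 tag."""
    try:
        return find_unsafe(json.loads(raw))
    except json.JSONDecodeError:
        return []  # not a JSON component; treated as plain text


if __name__ == "__main__":
    samples = [  # first entry is the component from the report; the rest are constructed
        '{"translate":"%0$s"}',
        '{"translate":"%1$s and %2$s","with":["a","b"]}',
        '{"text":"x","extra":[{"translate":"ok %s"},{"translate":"%0$s"}]}',
    ]
    for raw in samples:
        print(raw, "->", check_raw_json(raw))
```

A non-empty result means the component should be rewritten or stripped before it is stored in a sign, entity name, or title.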

Fixed

_Video

[Mojang] Panda

2022-09-26, 11:36 PM

2022-11-18, 03:01 PM

2022-11-18, 03:01 PM

4

4

Confirmed

Very Important

Crash

/title, CustomName, IndexOutOfBoundsException, crash, exploit, sign, translation

1.19.2, 22w42a

1.19.3 Pre-release 1