Well yeah, if you get a computer to run a program that does what you want, rather than what its designers intended or its owner expects, then end-to-end encryption doesn't protect that device owner. That's why it's called end-to-end encryption. It has to end somewhere.
Compromising a computer is fundamentally different than breaking an encryption protocol or an encryption primitive.
It is unsurprising that the CIA has found or bought numerous flaws in common consumer operating systems, such as Android and iOS.
Computers will never be fundamentally secure, because their most important benefit is that they can run any program, even programs that haven't yet been written. This is why we use computers and why they make us so productive. Operating system designers come up with all sorts of clever ways to try and allow the user to run any program they desire, while also preventing unauthorized people from doing so, but ultimately all of these defenses are just compromises, at best. A truly secure computer wouldn't be Turing complete, meaning that it would not be able to run any program. A walkie-talkie radio, for example, is not programmable, and is therefore secure. The trade-off is that it can only do one thing well.
Breaking an encryption protocol or primitive (cryptanalysis) is not like getting a computer to run a program that its owners and designers did not expect or want. When people break an encryption protocol or primitive, they are dealing with the cipher text that is traveling over the wire (or which is broadcast into the air).
Broadly speaking, cryptanalysis is about pattern recognition. Although encryption protocols and primitives are periodically broken through cryptanalysis, this is both more catastrophic and much rarer than the discovery of exploitable flaws in computer operating systems, which happens nearly every day.
Breaks in well-reviewed and trusted crypto protocols are much less frequent. The life span of a well-reviewed and trusted crypto protocol, block cipher, or hash function is closer to ten or even twenty years.
Nothing in Wikileaks' statement or the Washington Post article remotely suggests that the CIA has broken the encryption protocol in Signal and WhatsApp. In fact, the article says exactly the opposite:
"In its news release, WikiLeaks said the files enable the agency to bypass popular encryption-enabled applications — including WhatsApp, Signal and Telegram — used by millions of people to safeguard their communications. But experts said that rather than defeating the encryption of those applications, the CIA’s methods rely on exploiting vulnerabilities in the devices on which they are installed, a method referred to as “hacking the endpoint.”
Also, this dump is made up of documents describing exploits, rather than exploits themselves. There's one Python script in there, but it just mirrors what's going on on the target machine. The exploit is the unlocked window that no one knows is unlocked, but this Python script is the bin you put the silver in on your way out. Fundamentally uninteresting. All of the actual exploits described here weren't dumped, as far as I can tell, so either: they weren't exfiltrated by the leaker, or Wikileaks just kept them or handed them over to someone else.
If you browse through the list of tools, you'll notice that a lot of them require physical access to the target device. There are some RCE (remote code execution) tools described here, but a lot of these tools look like they are designed to take advantage of momentary physical access to a target device, which makes sense for a HUMINT outfit like CIA.
Basically, there's no reason to freak out about this dump. The real question is cui bono?