I made a small C library that implements graph theory algorithms and binds them for use in Python.
I sent it to a friend to check it, and he told me that va_list is “dangerous” and must not be used in this kind of project.
So the question is: in which cases should va_list be used?
The main problem I see is that there’s no guarantee that you really got the number of arguments that you were expecting, and no way to check for that. This makes errors undetectable, and undetectable errors are, obviously, the most dangerous kind.
va_arg is also not type-safe, which means that if you pass a double and expect an unsigned long long, you’ll get garbage instead of a good-looking integer, and no way to detect it at compile-time. (It becomes much more of a mess when the types don’t even have the same size).
Depending on the data you deal with, this may be more or less of a problem. If you pass pointers, it becomes almost instantly fatal to omit an argument because your function will retrieve garbage instead, and this could (if the planets are properly aligned) become a vulnerability.
If you pass “regular” numeric data, it then depends on if the function is critical. In some cases you can easily detect an error looking at the function’s output, and in some practical cases it really isn’t that much of a problem if the function fails.
It all revolves around whether you’re afraid of forgetting arguments yourself, actually.
C++11 has a variadic template feature that allows you to treat an arbitrary number of parameters in a safe way. If the step from C to C++ isn’t hurting too much, you could look into it.
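An added example, not part of the answer above and not the asker's library: if the API has to stay in C, an array-plus-length function with a compound-literal wrapper macro keeps variadic-looking calls while the callee always knows how many arguments it received and of what type. The names graph_t, edge_t, graph_add_edges, graph_add_edges_n and the fixed MAX_EDGES capacity are assumptions made for illustration.

```c
#include <stddef.h>

/* Hypothetical types for illustration; not taken from the asker's library. */
typedef struct { unsigned from, to; } edge_t;
#define MAX_EDGES 16
typedef struct {
    edge_t edges[MAX_EDGES];
    size_t n_edges;
    unsigned n_vertices;
} graph_t;

/* Array-plus-length core: the callee knows exactly how many items it got
 * and validates all of them before modifying the graph. Returns the number
 * of edges added, or -1 with the graph unchanged if any input is invalid. */
int graph_add_edges_n(graph_t *g, const edge_t *e, size_t count)
{
    if (g == NULL || e == NULL || count > MAX_EDGES - g->n_edges)
        return -1;
    for (size_t i = 0; i < count; i++)
        if (e[i].from >= g->n_vertices || e[i].to >= g->n_vertices)
            return -1;
    for (size_t i = 0; i < count; i++)
        g->edges[g->n_edges++] = e[i];
    return (int)count;
}

/* Variadic-looking wrapper. The arguments initialise a C99 compound
 * literal, so the compiler sees the element type and sizeof yields the
 * count; no va_list or va_arg is involved. */
#define graph_add_edges(g, ...)                                     \
    graph_add_edges_n((g), (const edge_t[]){ __VA_ARGS__ },         \
        sizeof((const edge_t[]){ __VA_ARGS__ }) / sizeof(edge_t))

int demo_ok(void)
{
    graph_t g = { .n_vertices = 4 };
    return graph_add_edges(&g, {0, 1}, {1, 2}, {2, 3});
}

int demo_bad_vertex(void)
{
    graph_t g = { .n_vertices = 4 };
    return graph_add_edges(&g, {0, 1}, {1, 9});  /* vertex 9 is out of range */
}
```

The array-plus-length function is also the easier one to bind from Python, since the binding can pass a buffer and its length directly.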