The recent improvements to the fuzzers made me think about the general way libvips is fuzzed by OSS-Fuzz.
It looks like that some parameters aren't really covered by the fuzzing targets. For example, the page or n argument are never passed to the webpload or gifload. This also applies to the saver (eg. a different Q for jpegsave).

// option_string is empty
vips_image_new_from_buffer(data, size, "", nullptr)
// option list is empty
vips_image_write_to_buffer(image, SAVE_SUFFIX, &buf, &len, nullptr)

Ideally, the input data would be encoded in such a way that all arguments can be combined. I'm not really sure how to achieve this, since the inputs are essentially just images (at least as of now). For cgif I made the API parameters part of the fuzzer input data (dloebl/cgif#45). However, I'm not sure if that approach is viable for libvips.
Varying the arguments of loaders and savers should lead to better fuzzing coverage.