From my understanding you can run into issues when you have a combination of ports being forwarded and some other issue like SSH enabled on a Raspberry Pi with default credentials but I feel like I’m missing things or misunderstanding port forwarding.
I don’t know if, for example, a computer connected to a network running a dated version of Windows is a risk simply because it is connected to the network. Even if it isn’t being used for things such as web browsing.
I’m more concerned about remote threats versus local ones like someone having access to my WiFi password.
simply keep everything up to date, don’t install shady stuff, and don’t use insecure passwords
ssh isn’t really a security issue as long as you have either a good password or key based authentication
running outdated versions of systems can pose a risk of being compromised but the chance of that is much less likely than you download something bad, but avoiding out of date windows is easy