Has there been any reported hacks that took advantage of the fact that some parts of libsecp256k1 are experimental?
No, because those things are not used in Bitcoin. Also, the library is heavily reviewed by cryptographers.
Even experimental things are generally safe to use as their cryptography is reviewed before it is implemented into libsecp256k1. The experimental mostly refers to the fact that APIs may change for those experimental things. Also, the experimental stuff is not enabled by default and must be explicitly enabled when compiling the library.