Its a double edged sword
Open source provides more opportunity for finding bugs, but that includes bad guys. OpenSSL turned out to have undiscovered bugs in it for years, and now bugs are being found in it at a fast n furious rate - because a lot more people are studying it a lot more closely since it has proven to be a lot less secure than people had assumed.
So you have to wonder - some of those bugs that have existed in it for many years, were they really first discovered when announced? Or were they discovered years earlier by some who used them for nefarious purposes?
Biting the hand that feeds IT
