Don't trust software you haven't audited.

If you must trust software you haven't audited, then choose to trust code that's exposed to many developers who independently are likely to speak up about a vulnerability.

Open source isn't inherently more secure than proprietary software, but the systems in place to fix it are far better planned, implemented, and staffed.