In no sense is open source software free of bugs or safe. There are plenty of people looking at it, but cleaver evildoers are very hard to detect. There was a security defect in OpenSSL for a decade before it was detected.

No software is safe, unless you wrote it yourself and wrote the compiler that compiled it yourself and wrote the operating system that runs it yourself and didn’t make any mistakes. This means no software is safe.