Depends, sometimes not always. Having source available makes it easy for hackers to find exploit but also makes it easier for community to identify and address exploits.
So… For a large active community project, it’s likely fairly secure but for smaller projects with 1 or just a few developers it might be vulnerable.