Security is both a pro and a con when it comes to open source. On the one hand, anyone can look at the source code for open source software, making it much more likely that someone will spot a problem.
On the other hand, as already mentioned, the difficulty in tracking open source software makes it hard for companies to know when they have a vulnerability. And as open source becomes more popular, hackers are increasingly targeting widely used open source code. In addition, sometimes the open source developers behind a particular project stop maintaining the software. In these cases, vulnerabilities may never be patched.
Any business using open source software needs to make sure that it has a strategy in place for dealing with these unique concerns.