I don't even have to argue to make this point, I merely have to point out Heartbleed or Shellshock.
The reason both were found and had the absurd propaganda campaigns behind them as they did that are the only reason you can even name them to begin with, is precisely because the underlying software was free.
On the other hand, let's name drop another vulnerability and its exploit: SMBRelay. Took 7 years after it was made public to introduce an incomplete and partial fix. Still exploitable to this day, 13 years later.
So what it boils down to, is that both open source and closed source software can have bugs lingering in them for years that go unnoticed and/or unfixed.
The reason both were found and had the absurd propaganda campaigns behind them as they did that are the only reason you can even name them to begin with, is precisely because the underlying software was free.
On the other hand, let's name drop another vulnerability and its exploit: SMBRelay. Took 7 years after it was made public to introduce an incomplete and partial fix. Still exploitable to this day, 13 years later.