With TrueNAS, are supply-chain attacks out of the question?

I do understand that TrueNAS is open-source. Is it 100% open source? What portion of TrueNAS has received third-party vetting for security vulnerabilities? Are there portions that have not been and thus could harbor code from a supply chain attack?

Do you consider Linux safe??

Known vulnerabilities are published here: