how open source remains secure despite their codes are open to whole world including hackers?

it is nearly impossible to have malicious code inserted in an OP because they have to go through many validations and reviews by the project managers who scrutinizes each line of code to ensure they are documented properly and follow the project guideline before they will even allow the modification on github