Here the review of the CryptoNote whitepaper is described as "informal":
http://monero.stackexchange.com/questions/2751/what-type-of-security-audits-has-monero-received
and it has been performed by someone, Surae Noether, who describes himself as a mathematician, but does not disclose his real identity.
His credibility, in my opinion, is near zero.
Moreover, as far as I know, no real deep analysis of the code has been performed from the point of view of security.
It is true that the code is Open Source, but an ordinary software developer with no knowledge of cryptography and peer-to-peer communication would not be able to spot malicious code.
The analysis should be performed by a specialist or, better, by a team of specialists, all of them with a verifiable academic background.