>>45
I think I may have a solution.
Write letters to all maintainers of all the open source projects that matter. Tell them about your analysis tool that could potentially find a wide array of vulnerabilities in their code, and how you are reluctant to release it due to rise in exploits. Ask them to donate some funding to cover the cost of running the tool on their code base. Give them the final report generated and give them a few months to fix everything. Repeat for all projects. Once all the maintainers check it, release it.
Is it just source analysis or can it process binaries too? If the latter then that's a more serious problem.