According to the [plugin's GitHub page |GitHub - jenkinsci/android-signing-plugin: Jenkins plugin for signing Android APKs], the security issue should be fixed, but after updating the plugin, the security issue still shows, the same as the 2.2.5 version. 

I have checked the [Jenkins Update Center |https://updates.jenkins.io/update-center.json,] and the last registered version there for the plugin was 2.2.5, could it be the reason why Jenkins still marks this plugin as a security vulnerability?

The plugin didn't have a release for the 2.2.6 version, so I cloned the repository, created a build, then uploaded the required files to the Jenkins server. Is it possible to create a release for the 2.2.6 version so that the issue resolves?