Incorrect reporting of app with known vulnerability

[vertigo220]

This is a nice new feature, but unfortunately my first experience with it wasn't very good. It notified me that Librera Reader 8.8.5 had known vulnerabilities, but the problem is I didn't even have that version installed. I had 8.8.15 installed. The problem appears to be that it's using the information from its database instead of that of the actual installed app, because it also showed 8.8.5 as the latest version, but when I manually updated the repo, which apparently hadn't sync'd in at least a few weeks (8.8.15 was released on 1/17 and it's now 2/14, and so that's its own issue), the warning went away. Maybe it's not possible, or not preferred due to requiring additional permissions, but ideally it should base these warnings off the actual installed version, not the latest version it sees in the repo.