Currently, the red bell is shown whenever a CVE that is not safe is found.
We should change that so that the red bell is only shown if the admin can do something about it (i.e., upgrade)