diff --git a/cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityJsonFile.java b/cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityJsonFile.java
index c15dcae90..779d00c1f 100644
--- a/cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityJsonFile.java
+++ b/cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityJsonFile.java
@@ -5,6 +5,7 @@
 import java.math.BigDecimal;
 import java.nio.file.Files;
 import java.nio.file.StandardOpenOption;
+import java.util.Collection;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Objects;
@@ -18,6 +19,7 @@
 import com.devonfw.tools.ide.version.VersionIdentifier;
 import com.devonfw.tools.ide.version.VersionRange;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 /**
@@ -28,7 +30,7 @@ public class UrlSecurityJsonFile extends AbstractUrlFile<UrlEdition> {
   /** {@link #getName() Name} of security json file. */
   public static final String FILENAME_SECURITY = "security.json";
 
-  private UrlSecurityWarningsJson urlSecurityWarningsJson = new UrlSecurityWarningsJson();
+  private Collection<UrlSecurityWarning> urlSecurityWarnings;
 
   /**
    * The constructor.
@@ -38,17 +40,19 @@ public class UrlSecurityJsonFile extends AbstractUrlFile<UrlEdition> {
   public UrlSecurityJsonFile(UrlEdition parent) {
 
     super(parent, FILENAME_SECURITY);
+    this.urlSecurityWarnings = new HashSet<>();
   }
 
   /**
    * A wrapper for {@link #addSecurityWarning(VersionRange, BigDecimal, String, String, String)} used in the unit tests.
+   *
+   * @param versionRange the {@link VersionRange}.
    */
-  public boolean addSecurityWarning(VersionRange versionRange) {
+  public void addSecurityWarning(VersionRange versionRange) {
 
     UrlSecurityWarning newWarning = new UrlSecurityWarning(versionRange, null, null, null, null);
-    boolean added = this.urlSecurityWarningsJson.getWarnings().add(newWarning);
+    boolean added = urlSecurityWarnings.add(newWarning);
     this.modified = this.modified || added;
-    return added;
   }
 
   /**
@@ -65,7 +69,7 @@ public boolean addSecurityWarning(VersionRange versionRange, BigDecimal severity
       String nistUrl) {
 
     UrlSecurityWarning newWarning = new UrlSecurityWarning(versionRange, severity, cveName, description, nistUrl);
-    boolean added = this.urlSecurityWarningsJson.getWarnings().add(newWarning);
+    boolean added = urlSecurityWarnings.add(newWarning);
     this.modified = this.modified || added;
     return added;
   }
@@ -93,7 +97,7 @@ public boolean contains(VersionIdentifier version, boolean ignoreWarningsThatAff
           edition.getName());
     }
 
-    for (UrlSecurityWarning warning : this.urlSecurityWarningsJson.getWarnings()) {
+    for (UrlSecurityWarning warning : this.urlSecurityWarnings) {
       VersionRange versionRange = warning.getVersionRange();
       if (ignoreWarningsThatAffectAllVersions) {
         boolean includesOldestVersion = versionRange.getMin() == null
@@ -114,6 +118,9 @@ public boolean contains(VersionIdentifier version, boolean ignoreWarningsThatAff
   /**
    * For a given version, returns whether there is a security warning in the {@link UrlSecurityWarningsJson JSON
    * object}. This method does not ignore warnings that affect all versions.
+   *
+   * @param version the {@link VersionIdentifier}.
+   * @return {@code true} if there is a security risk for the given version, {@code false} otherwise.
    */
   public boolean contains(VersionIdentifier version) {
 
@@ -129,7 +136,7 @@ public boolean contains(VersionIdentifier version) {
   public Set<UrlSecurityWarning> getMatchingSecurityWarnings(VersionIdentifier version) {
 
     Set<UrlSecurityWarning> matchedWarnings = new HashSet<>();
-    for (UrlSecurityWarning warning : this.urlSecurityWarningsJson.getWarnings()) {
+    for (UrlSecurityWarning warning : this.urlSecurityWarnings) {
       if (warning.getVersionRange().contains(version)) {
         matchedWarnings.add(warning);
       }
@@ -140,7 +147,7 @@ public Set<UrlSecurityWarning> getMatchingSecurityWarnings(VersionIdentifier ver
   /** Clears all security warnings. */
   public void clearSecurityWarnings() {
 
-    this.urlSecurityWarningsJson.getWarnings().clear();
+    this.urlSecurityWarnings.clear();
     this.modified = true;
   }
 
@@ -152,7 +159,8 @@ protected void doLoad() {
     }
     ObjectMapper mapper = JsonMapping.create();
     try {
-      this.urlSecurityWarningsJson = mapper.readValue(getPath().toFile(), UrlSecurityWarningsJson.class);
+      urlSecurityWarnings = mapper.readValue(getPath().toFile(), new TypeReference<Set<UrlSecurityWarning>>() {
+      });
     } catch (IOException e) {
       throw new IllegalStateException("Failed to load the UrlSecurityJsonFile " + getPath(), e);
     }
@@ -163,13 +171,13 @@ protected void doSave() {
 
     ObjectMapper mapper = JsonMapping.create();
 
-    if (this.urlSecurityWarningsJson.getWarnings().isEmpty() && !Files.exists(getPath())) {
+    if (this.urlSecurityWarnings.isEmpty() && !Files.exists(getPath())) {
       return;
     }
 
     String jsonString;
     try {
-      jsonString = mapper.writeValueAsString(this.urlSecurityWarningsJson);
+      jsonString = mapper.writeValueAsString(urlSecurityWarnings);
     } catch (JsonProcessingException e) {
       throw new RuntimeException(e);
     }
@@ -182,8 +190,11 @@ protected void doSave() {
     }
   }
 
-  public UrlSecurityWarningsJson getUrlSecurityWarningsJson() {
+  /**
+   * @return Collection of {@link UrlSecurityWarning}.
+   */
+  public Collection<UrlSecurityWarning> getUrlSecurityWarnings() {
 
-    return this.urlSecurityWarningsJson;
+    return this.urlSecurityWarnings;
   }
 }
\ No newline at end of file
diff --git a/cli/src/test/java/com/devonfw/tools/ide/url/model/UrlSecurityJsonFileTest.java b/cli/src/test/java/com/devonfw/tools/ide/url/model/UrlSecurityJsonFileTest.java
index ab497b6b8..3700f376e 100644
--- a/cli/src/test/java/com/devonfw/tools/ide/url/model/UrlSecurityJsonFileTest.java
+++ b/cli/src/test/java/com/devonfw/tools/ide/url/model/UrlSecurityJsonFileTest.java
@@ -1,5 +1,12 @@
 package com.devonfw.tools.ide.url.model;
 
+import java.io.File;
+import java.math.BigDecimal;
+import java.nio.file.Path;
+import java.util.Set;
+
+import org.junit.jupiter.api.Test;
+
 import com.devonfw.tools.ide.context.AbstractIdeContextTest;
 import com.devonfw.tools.ide.context.IdeContext;
 import com.devonfw.tools.ide.url.model.file.UrlSecurityJsonFile;
@@ -7,12 +14,6 @@
 import com.devonfw.tools.ide.url.model.folder.UrlEdition;
 import com.devonfw.tools.ide.version.VersionIdentifier;
 import com.devonfw.tools.ide.version.VersionRange;
-import org.junit.jupiter.api.Test;
-
-import java.io.File;
-import java.math.BigDecimal;
-import java.nio.file.Path;
-import java.util.Set;
 
 /** Test of {@link UrlSecurityJsonFile}. */
 
@@ -42,7 +43,7 @@ public void testUrlJsonSecurityFileLoad() {
     UrlSecurityJsonFile securityFile = context.getUrls().getEdition("mvn", "mvn").getSecurityJsonFile();
 
     // assert
-    assertThat(securityFile.getUrlSecurityWarningsJson().getWarnings()).containsExactly(warning1, warning2);
+    assertThat(securityFile.getUrlSecurityWarnings()).containsExactly(warning1, warning2);
   }
 
   /**
@@ -66,15 +67,13 @@ public void testUrlJsonSecurityFileAddAndSave() {
 
     // assert
     assertThat(new File(String.valueOf(securityFilePath))).hasContent("""
-        {
-          "warnings" : [ {
-            "versionRange" : "[1,3)",
-            "severity" : 1.2,
-            "cveName" : "testName3",
-            "description" : "testDescription3",
-            "nistUrl" : "https://nvd.nist.gov/vuln/detail/testName3"
-          } ]
-        }
+        [ {
+          "versionRange" : "[1,3)",
+          "severity" : 1.2,
+          "cveName" : "testName3",
+          "description" : "testDescription3",
+          "nistUrl" : "https://nvd.nist.gov/vuln/detail/testName3"
+        } ]
         """);
   }
 
diff --git a/cli/src/test/resources/ide-projects/basic/_ide/urls/mvn/mvn/security.json b/cli/src/test/resources/ide-projects/basic/_ide/urls/mvn/mvn/security.json
index 57d9df8d5..f3086cf74 100644
--- a/cli/src/test/resources/ide-projects/basic/_ide/urls/mvn/mvn/security.json
+++ b/cli/src/test/resources/ide-projects/basic/_ide/urls/mvn/mvn/security.json
@@ -1,15 +1,16 @@
-{
-  "warnings" : [ {
-    "versionRange" : "[3.0.6,3.2.1)",
-    "severity" : 5.8,
-    "cveName" : "testName1",
-    "description" : "testDescription1",
-    "nistUrl" : "https://nvd.nist.gov/vuln/detail/testName1"
-  }, {
-    "versionRange" : "(,3.8.1)",
-    "severity" : 9.1,
-    "cveName" : "testName2",
-    "description" : "testDescription2",
-    "nistUrl" : "https://nvd.nist.gov/vuln/detail/testName2"
-  } ]
-}
\ No newline at end of file
+[
+  {
+    "versionRange": "[3.0.6,3.2.1)",
+    "severity": 5.8,
+    "cveName": "testName1",
+    "description": "testDescription1",
+    "nistUrl": "https://nvd.nist.gov/vuln/detail/testName1"
+  },
+  {
+    "versionRange": "(,3.8.1)",
+    "severity": 9.1,
+    "cveName": "testName2",
+    "description": "testDescription2",
+    "nistUrl": "https://nvd.nist.gov/vuln/detail/testName2"
+  }
+]
\ No newline at end of file