Provide UI hint about 25 finding limitation in security MR widget

Proposal

In the !124920 (merged) MR we documented this limitation in the Ultimate section of the docs about viewing security scan information in merge requests:

The widget only displays the first 25 findings of each type, sorted by severity. To see all findings, select View full report to go directly to the Security tab in the latest branch pipeline.

When viewing the MR security widget in the UI, this limitation is not clear. This issue proposes adding some UI hint to clarify that 25 is not the total number of vulnerabilities that were found.

Without this UI hint, it can look like there is a large and unclear discrepancy between the number of vulnerabilities reported in the MR and reported on the pipeline's Security tab. This can be confusing, especially for folks who are new to our scanners.

The need for this UI hint came up in a ticket that is available to GitLab team members with access to Zendesk.

💡 Ideas

A few ideas for what I think would be helpful here. These options are not mutually exclusive: we could implement multiple.

1️⃣ Add "at least" (or similar wording)

We say things like this today:

Security scanning detected 25 new potential vulnerabilities

SAST detected 25 new potential vulnerabilities

We could say something like this instead:

Security scanning detected 25 (or more) new potential vulnerabilities

SAST detected 25 (or more) new potential vulnerabilities

or:

Security scanning detected at least 25 new potential vulnerabilities

SAST detected at least 25 new potential vulnerabilities

Building on the suggestions in the issue, we could say:

Security scanning detected 25+ new potential vulnerabilities

SAST detected 25+ new potential vulnerabilities

or:

Security scanning detected more than 25 new potential vulnerabilities

SAST detected more than 25 new potential vulnerabilities

2️⃣ Adjust the tooltip

There is an icon right where folks are when they bump into this. I think it's a bit too small for adjusting the text there to be the only way we address this, but that does present a great opportunity.

3️⃣ Change Full report

We might change the Full report text to be a much stronger hint. When there are more vulnerabilities than can be shown, perhaps it says something more like: See all vulnerabilities.

Edited by Brie Carranza