We have manually created issues and linked them to Security vulnerabilities in the Security tab of the Jira project. After about a day, these links disappear. We are using Lacework for the security scanning.

This is not just the UI issue on security tab, the linked security vulnerabilities stop showing up on the Jira ticket as well. Also, when I search for vulnerabilities via JQL after the link disappears, JQL does not return the issues with vulnerabilities anymore.

In the past, similar problem happened, but we were not able to re-link an exiting vulnerability to an issue, this produced a Jira error ("Something went wrong, try later). Now it seems to succeed in re-linking the same vuln with an issue after the link disappeared.

This makes the management of vulnerabilities quite difficult. Is this a known issue? Or are we doing something wrong? Do I need to implement automation to re-link vulnerabilities to issues each day?