Sounds like a bug that will need to be fixed in the next release.
i'm not sure how it could be fixed to be honest. These are user generated links.
yes the teaser could be collapsed to not load the images on
/recent but that won't stop the warning from occurring when visiting the topic itself.
In this case a user posted content that included links to imgur that were over
http these links were automatically turned into images, which is easy to do. What's harder to do and probably more trouble than it's worth is figuring out that that imgur serves the same content over http and https and upgrade the links to https.
one could upgrade all image links to https, but then you have the issue of sites that don't exist in both http and https.
And then there's the issue of altering user provided content. That's always a touchy subject for some forum users, and something that should be considered carefully when implemented.
One could also take the approach that Discourse did where by default the forum downloads remote images and serves them up from the forum itself. This does neatly bypass the issue of the missing HTTPS connection, however it did land several installs of discourse into legal hot water regarding rehosting images without proper attribution, so there's that downside... not to mention the additional storage required for the cached images.
You're welcome to open an issue on github for this if you want to, but i would not expect it to gain much traction given the level of thought and effort that would be required to fix this issue, and given that plugins like the aforementioned https everywhere exist and are easy to install.
Security is important, yes but HTTPS is far from universal yet and so there aren't any simple answers that i can think of to user provided content.
Maybe someone smarter than I can come up with something though, so there's no harm in asking.