Vulnerabilities generates JSON feeds twice hourly by Fleet containing enriched CVEs matched to CPEs. Fleet servers use this information to identify vulnerable versions of software in Fleet's software inventory.
Vulnerabilities is in pre-release. The Fleet team is currently dogfooding and documenting the feature. You can track the progress here.