How insightVM checks the Microsoft CVE KBs chain?

I’m trying to figure out how insightVM is able to check the KBs chain for vulnerabilities. For instance, after patch Tuesday it takes up to 3-4 days to get the real results and not false positives but it the thread of vulnerabilities I’m not seeing any new KBs only the first ones. How insightVM is checking for the new monthly KBs to update the results? For instance in the attached snapshot cve — ImgBB I can see the list of all articles but all are pointed to the support page where is mentioned only the direct KB resolving the CVE.

3 Likes