That is true.
However, it is still the responsibility of the parent program to report this and fix it. You are likely to break many programs if you just replace the DLL.
We will keep an eye out for this and add detection for DLLs when we become aware of programs that bundle vulnerable versions and "provide" a vector to exploit it (very often Java and AIR vulnerabilities can't be exploited, because there is no feasible vector, the same is the case for many DLLs).
I can understand that this feature would be very helpful for you and many other users.
And I can also understand that you are frustrated about the fact, that such an "easy to implement" feature is not implemented yet.
As far as I know, this feature has a higher priority at VulnDetect, but they have to implement some important features for business customers first.
I am not an employee of Secteer, just a normal user as you.
But I have a very good contact with @Tom, so I can tell you what Tom told me some time ago.
So, please be patient, this feature will be implemented!
I am also nerving Tom about this feature nearly every week 😜
I am using VulnDetect Business for some months now.
I added most computers of my family (wife, daughter, brother, girlfriend of brother, Virtual Machine).
Soon I will add my father.
My "job" is to support them (they have no high computer skills, especially my father, my brother and this girlfriend).
So my brother and his girlfriend often call me and ask if their computer is OK (they are used that I call them and tell them to update some applications).
But they are not often online:
So here I can not warn them that there are vulnerabilities on their systems (because I have to wait until they turn their computers on.
It would be very helpful if the list of apps is updated even without a scan.
So I see available updates and existing vulnerabilities and can actively warn them.
I think this feature could be very interesting for Families where one poor admin is managing multiple computers of family members.
Here the family members can install applications themselves (the admin does not manage the PC like an admin in a company).
And family members might have turned off the PC for some days (not always turned on).
So such a list would be very very helpful.