I strongly believe the JED and the VEL functions should be more tightly integrated. The VEL's usability and visibility would escalate incredibly with such a change, and adding the VEL as a "feature" OF the JED would allow both teams to have a greater positive impact on the joomla community as a whole.
Currently "vulnerability" information for extensions is not maintained where that extension is most prominently accessed. Instead vulnerability information is stored on the VEL, in a static like format with no connection to the JED listing.