Show CVE's by default

The JVM ecosystem stands to dramatically increase the security posture, were Gradle to show CVE’s by default. Like NPM.

I doubt that this will be added to Gradle itself.
But if you want to request this as feature, you need to open a feature request, not a thread in a user community.

Besides that, there is the Usage – dependency-check-maven that can do what you want.