refactor: add warning if severity not from vendor (or NVD or GH) is used

pkg/vulnerability/vulnerability.go

@@ -130,6 +130,7 @@ func (c Client) getVendorSeverity(vulnID string, vuln *dbTypes.Vulnerability, so
 		return dbTypes.SeverityUnknown.String(), ""
 	}
 
+	log.Warn("Vendor and NVD don't have severity level. Severity from another vendor is used (see `VendorSeverity` in `json` format).", log.String("CVE", vulnID))
 	return vuln.Severity, ""
 }