Hello Ross,
We can inherit cve-check by default in the configuration to export CVE information like CVE_PRODUCT, CVE_VERSION and the newly added variable CVE_PATCHED. And CVE_CHECK_WITH_DB variable will avoid scanning the CVEs from DB
It will work like 2 operational mode for cve-check.bbclass