All the tooling that's been integrated everywhere is reliant on CVEs and CVSS. All vendors issue their vulns with CVEs, not ZoomVEs. Disruption is not likely unfortunately.
Yes, because vendors love the idea that "the community" is doing the job of digesting and distilling security issues for them, and all they have to do is slap a graphical interface on that data to charge $100k/yr to customers. There is absolutely no reason the Linux CNA should dignify that concern.