Also when i have a user which can only access certain namespaces but has "view" and "modify" rights of the "Vulnerability" section, he cant accept CVEs, only view them. Is this the wanted behavior?