Implement Approval process similar to Suppression for Patching related to vulnerabilities that are high risk, for eg CISA, EPSS> 0.95

This should not include, patches that go through scheduler

Any 0 day vulnerability reported should go through approval process to be patched.