Software pending install shows up in host software list when "Vulnerable software" filter is applied

[jmwatts]

Fleet version: v4.66.0

Web browser and operating system: n/a

---

💥  Actual behavior

Vulnerable software and software with pending installs are shown

🧑‍💻  Steps to reproduce

1. Queue up some pending installs for a host
2. On the Software tab of the host details page, apply the "Vulnerable software" filter

🕯️ Expected behavior

Only vulnerable software is shown

[ksykulev]

See comment about pending vulnerable software. https://github.com/fleetdm/fleet/issues/26824#issuecomment-2776509812

Resolved by, filter out any pending software when filtering by vulnerabilities for now.

[jmwatts]

QA Notes

• [x] VPP apps available to install do not show up when "Vulnerable" filter is applied
• [x] Other available software does not show up when "Vulnerable" filter is applied unless the software is already installed on the host and there is a vulnerability associated with the installed version
• [x] Pending app installs do not show up when "Vulnerable" filter is applied unless the software is already installed on the host and there is a vulnerability associated with the installed version
• [x] Spot check that combinations of Severity and Exploited filters return correct results
• [x] Spot check that count of vulnerable software items matches the number of items in the list when the filter is applied
• [x] Spot check that vulnerabilities in filtered list correctly correspond to the severity filtered
• [x] Spot check that vulnerabilities in filtered list are actually exploited in the wild if exploited is selected.
• [x] Perform tests on Mac, Windows, Ubuntu

[fleet-release]

Filter catches more, Vulnerable, pending both, Clarity restored.