Update vulnerability services to ensure newly created vulnerabilities are related to the appropriate tracked ref

Outside of standard vulnerability ingestion, there are some processes in which vulnerabilities may be created (such as manual and starboard vulnerabilities) in which we need to ensure the vulnerability is created appropriately associated with an applicable tracked ref, likely passed by context from the api.

Services/Cases we need to handle: