As said in the title, I cannot find any vulnerabilities in my project using the bundled Package Search plugin to find dependencies vulnerabilities.
I use IntelliJ IDEA 2022.1.3 (Ultimate Edition), and I checked it by putting for example the spring-boot-starter-parent version to 2.2.1.RELEASE, which contains severe CVE vulnerabilities.
So In fact yes it works perfectly and is awesome. But was bugged in previous version. https://youtrack.jetbrains.com/issue/IDEA-294147/Intellij-IDEA-show-vulnerable-dependencies-not-working-when-an-IDE-is-activated-not-with-JetBrains-Account
MY colleague had his personal licence activation before using the company licence server, that's why it worked on his side.