If you're using role-based access control (RBAC), recipients will only receive notifications based on the device groups that were configured in the notification rule. Users with the proper permission can only create, edit, or delete notifications that are limited to their device group management scope. Only users assigned to the Global administrator role can manage notification rules that are configured for all device groups.
The email notification includes basic information about the vulnerability event. There are also links to filtered views in the Defender Vulnerability Management Security recommendations and Weaknesses pages in the portal so you can further investigate.
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer--