Hi,
Thanks for posting in Q&A.
This is by design for .net updates.
For example of KB4566519, it is actually composed of four small updates:KB4565613, KB4565614, KB4565622, KB4565635:
So to avoid too much data in wsus, these four small updates will not show in WSUS console. But when you approve the KB4566519, the clients will only install the required .net update, such as KB4565613.
So nothing wrong with your WSUS.
Regards,
Allen