You can download and parse feeds from cve.mitre.org: https://cve.mitre.org/data/downloads/index.html
You can use vulners.com, a vulnerability information aggregator. There is a wide range of notification tools, including telegram messages, with the ability to filter by various criteria, there is also an API for obtaining information.
But updates alone do not provide security - the system must be configured accordingly. In this regard, there are regulations developed by different offices. For example, here is a bunch of regulations for different platforms and their versions: https://www.cisecurity.org/cis-benchmarks/

Samba is one of the latest.
Well, there are a lot of holes, but to close them, roll all the updates. And install some kind of antivirus, for example, Komodo, it is free good

The question is that I would like to know about the main holes and how to close them.

If you find out - this is on special. resources that specialize in finding and describing vulnerabilities.
If you just need to close - roll up updates, you don't need to know about vulnerabilities for this.
It's just that Windows is more for local networks, and you shouldn't shove it with your bare ass on the Internet.
For good, Windows sits in LAN, and the router looks at the Internet - and access from the Internet to it is either generally closed, or some necessary ports are open.
And on Windows itself, sit less under the administrator, give users only the necessary rights, do not allow the launch of any applications.