If my mid 2012 MacBook Air can only update to Catalina 10.15.7 does that make it vulnerable to security risks?

Apple generally provides security updates for the three most recent versions of macOS. Right now, those would be Monterey, Ventura, and Sonoma.

The last update to Catalina (10.15.7) was in September 2020, although there was a security release (Safari 15.6.1) for an issue that affected Catalina on August 18, 2022.

Apple security releases - Apple Support

macOS Catalina is still getting security updates from Apple ... so, at this point in time, as long as you apply these updates, your laptop should not be unnecessarily vulnerable to security risks.

Thanks! You are absolutely correct in that Apple typically only provides security updates for the last three versions of macOS, but they have been known to continue to release them, albeit sparingly, for some older versions.

FWIW, I came across this issue with two of my older (2010 & 2011 MBPs) that could only be updated to macOS High Sierra. I managed to find a third-party workaround to allow both of those laptops to run macOS Monterey successfully to give them a little more "lifespan." Both of these laptops are in the Apple "obsolete" support category, so they became part of my testbed devices to experiment with.

No more so than it has ever been. Apple provides routine security updates to macOS versions that remain supported, but that is far down the list of potential threats.

Effective defenses against malware and other threats - Apple Community describes more common exploits that only you can prevent.