Windows Post Patch Report not showing available/pending updates

Question

Problem - I have an ansible playbook in which I have written 3 powershell scripts to list last 5 installed patches, failed patches, and available patches. Now, the issue happening is:

1. For Installed patches - It is not showing the KB that was failing to install before but finally got installed, it is visible in control panel's update logs, but not through Get-Hotfix command.
2. For Available Patches - It shows the same KBs that are coming in failed KBs because those are also available for installation, but the requirement is to list only pending updates, that are not failed also, like we don't want to consider failed patches as new patch available to install.
3. For Failed Patches - The script is working but in one of the servers, it showed no failed patch, while it was there, so it is unreliable.

We have currently, Windows 2012, 2016, 2019 versions and patches are pushed through WSUS. Here is the current script:

1. Installed Patches

   Get-HotFix | Where-Object {$_.Description -match 'Update|Security Update'} | Sort-Object -Property InstalledOn -Descending | Select-Object -First 5 | Select -ExpandProperty HotFixID

2. Failed Patches

   $Searcher = New-Object -ComObject Microsoft.Update.Session
   $Searcher.ClientApplicationID = "My App"
   $Searcher = $Searcher.CreateUpdateSearcher()
   $SearchResult = $Searcher.Search("IsInstalled=0 and Type='Software'")            
   $FailedUpdates = $SearchResult.Updates | where {$_.ResultCode -ne "0"}
   
   if ($FailedUpdates) {
     foreach ($Update in $FailedUpdates) {
       foreach ($KBID in $Update.KBArticleIDs) {
         [PSCustomObject]@{
             UpdateKB  = $KBID
         }            
     }
    }
   } else {
   [PSCustomObject]@{
      UpdateKB  = "No Failed Patches"                                  
   }           
   }
   

3. Available Patches

     $updateSession = New-Object -ComObject Microsoft.Update.Session 
     $updateSearcher = $updateSession.CreateUpdateSearcher() 
     $pendingUpdates = $updateSearcher.Search("IsInstalled=0") 
     foreach ($update in $pendingUpdates.Updates) 
     { Write-Output "$($update.Title)" }
   

For pending updates, I did try Get-WsusUpdate and WindowsPSUpdate but they are not available on most of the servers and I don't have permission to install cmdlets. I need help on modifying these scripts to give the required results, or if there is any other way to list these then it would be helpful.