What's the security risk of having both devices on the same system? Is the ledger wallet vulnerable when connected to the Electrum wallet?
Only that having the wallets on two completely separate devices (i.e. one computer with Electrum with one seed phrase, and another computer with Electrum with no seed phrases which is used to interact with your hardware wallet) is safer than only using one device, since an attacker would need to compromise an additional device in order to steal your coins. Further, your second Electrum wallet which holds no seed phrases and only interacts with your hardware wallet could be permanently airgapped for even more security.
So let's say while the hardware wallet is connected in Electrum, then Electrum somehow gets compromised, the hacker then sends a transaction; they still couldn't spend any coins unless they have physical access to the hardware wallet (ledger) to sign and broadcast the transaction, right?
Theoretically, yes. As far as I know, there are no known remote attacks against the most popular brands of hardware wallet where someone compromising your computer could remotely compromise your hardware wallet or make it sign transactions you didn't wish to sign. However, no one can guarantee 100% that such attacks do not exist. That is why the set up I described above is marginally safer, since the hardware wallet would only ever connect to a second (potentially permanently airgapped) device. The other option would be to swap out the Ledger for a permanently airgapped hardware wallet such as Passport.
That's not to say your set up is not secure. It's much more secure than a standard Electrum wallet, since as you say an attacker would probably need physical access to your hardware wallet as well as compromising your Electrum wallet in order to steal your funds.