diff --git a/server/vulnerabilities/nvd/cpe_test.go b/server/vulnerabilities/nvd/cpe_test.go
index 00931ab431..3db9aad10c 100644
--- a/server/vulnerabilities/nvd/cpe_test.go
+++ b/server/vulnerabilities/nvd/cpe_test.go
@@ -1810,6 +1810,24 @@ func TestCPEFromSoftwareIntegration(t *testing.T) {
 			},
 			cpe: "cpe:2.3:a:minio:minio:2020-03-10T00-00-00Z:*:*:*:*:macos:*:*",
 		},
+		{
+			software: fleet.Software{
+				Name:             "iTerm2",
+				Source:           "apps",
+				Version:          "3.5.14",
+				BundleIdentifier: "com.googlecode.iterm2",
+			},
+			cpe: "cpe:2.3:a:iterm2:iterm2:3.5.14:*:*:*:*:macos:*:*",
+		},
+		{
+			software: fleet.Software{
+				Name:             "iTerm2ImportStatus",
+				Source:           "apps",
+				Version:          "1.0",
+				BundleIdentifier: "com.googlecode.iterm2.iTerm2ImportStatus",
+			},
+			cpe: "", // Skip iTerm2ImportStatus since it is part of iTerm2 and doesn't have its own cpe
+		},
 		{
 			software: fleet.Software{
 				Name:    "Firefox.app",
diff --git a/server/vulnerabilities/nvd/cpe_translations.json b/server/vulnerabilities/nvd/cpe_translations.json
index 1f2afd38be..31d8e4c528 100644
--- a/server/vulnerabilities/nvd/cpe_translations.json
+++ b/server/vulnerabilities/nvd/cpe_translations.json
@@ -607,12 +607,22 @@
   },
   {
     "software": {
-      "bundle_identifier": ["/^com\\.googlecode\\.iterm2/"],
+      "bundle_identifier": ["com.googlecode.iterm2"],
       "source": ["apps"]
     },
     "filter": {
       "product": ["iterm2"],
-      "vendor": ["iterm2"]
+      "vendor": ["iterm2"],
+      "skip": false
+    }
+  },
+  {
+    "software": {
+      "bundle_identifier": ["/^com\\.googlecode\\.iterm2\\./"],
+      "source": ["apps"]
+    },
+    "filter": {
+      "skip": true
     }
   },
   {