diff --git a/changes/15143-CPE-false-matches-on-bundle-id b/changes/15143-CPE-false-matches-on-bundle-id
index 754c9a699f..203256a987 100644
--- a/changes/15143-CPE-false-matches-on-bundle-id
+++ b/changes/15143-CPE-false-matches-on-bundle-id
@@ -1,3 +1,4 @@
 Previous fix for #13889 caused false positives on software with similar names. Tightening the matching to reduce false positive rate.
 - Google Chrome Helper.app no longer matches Google Chrome.app
-- Acrobat Uninstaller.app no longer matches Acrobat.app
\ No newline at end of file
+- Acrobat Uninstaller.app no longer matches Acrobat.app
+- UmbrellaMenu.app no longer matches Cisco Umbrella
\ No newline at end of file
diff --git a/server/vulnerabilities/nvd/cpe_test.go b/server/vulnerabilities/nvd/cpe_test.go
index 36827ac284..084d7f7c6b 100644
--- a/server/vulnerabilities/nvd/cpe_test.go
+++ b/server/vulnerabilities/nvd/cpe_test.go
@@ -1352,6 +1352,17 @@ func TestCPEFromSoftwareIntegration(t *testing.T) {
 			// DO NOT MATCH with Adobe Acrobat
 			cpe: "",
 		},
+		{
+			software: fleet.Software{
+				Name:             "UmbrellaMenu.app",
+				Source:           "apps",
+				Version:          "1.0",
+				Vendor:           "",
+				BundleIdentifier: "com.cisco.umbrella.menu.UmbrellaMenu",
+			},
+			// DO NOT MATCH with Cisco Umbrella
+			cpe: "",
+		},
 	}
 
 	tempDir := t.TempDir()