diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2553672..f15eb96 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## 0.4.0 (unreleased)
+
+## Added
+
+- Added the ability to collect CPE information from a package's metadata.
+
 ## 0.3.0
 
 ### Added
diff --git a/nix/packages/transformer.nix b/nix/packages/transformer.nix
index 843de2c..03ff435 100644
--- a/nix/packages/transformer.nix
+++ b/nix/packages/transformer.nix
@@ -6,7 +6,7 @@
 let
 cargoToml = builtins.fromTOML (builtins.readFile ../../rust/transformer/Cargo.toml);
 in
-rustPlatform.buildRustPackage {
+rustPlatform.buildRustPackage rec {
 pname = cargoToml.package.name;
 inherit (cargoToml.package) version;
 
@@ -25,5 +25,6 @@ rustPlatform.buildRustPackage {
 license = licenses.mit;
 maintainers = with lib.maintainers; [ nikstur ];
 mainProgram = "bombon-transformer";
+ cpe = "cpe:2.3:a:nikstur:bombon-transformer:${version}:*:*:*:*:*:*:*";
 };
 }
diff --git a/rust/transformer/src/cyclonedx.rs b/rust/transformer/src/cyclonedx.rs
index 36af4fc..8cc0c61 100644
--- a/rust/transformer/src/cyclonedx.rs
+++ b/rust/transformer/src/cyclonedx.rs
@@ -8,7 +8,7 @@ use anyhow::{Context, Result};
 use cyclonedx_bom::external_models::normalized_string::NormalizedString;
 use cyclonedx_bom::external_models::uri::{Purl, Uri};
 use cyclonedx_bom::models::bom::{Bom, UrnUuid};
-use cyclonedx_bom::models::component::{Classification, Component, Components, Scope};
+use cyclonedx_bom::models::component::{Classification, Component, Components, Cpe, Scope};
 use cyclonedx_bom::models::external_reference::{
 self, ExternalReference, ExternalReferenceType, ExternalReferences,
 };
@@ -161,6 +161,7 @@ impl CycloneDXComponent {
 if let Some(meta) = derivation.meta {
 component.licenses = convert_licenses(&meta);
 component.description = meta.description.map(|s| NormalizedString::new(&s));
+ component.cpe = meta.cpe.map(|s| Cpe::new(&s));
 if let Some(homepage) = meta.homepage {
 external_references.push(convert_homepage(&homepage));
 }
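Review bot: In nix/packages/transformer.nix the new `cpe` line reads `${version}` from the `rec` attribute set, so the value is fixed when that set is evaluated. If the package is later overridden with a different `version` (for example through `overrideAttrs`), the CPE would presumably keep the original version, and the SBOM would then name the wrong release to any scanner that matches on it. If the nixpkgs revision in use supports the fixed-point form, `rustPlatform.buildRustPackage (finalAttrs: { ... })` with `${finalAttrs.version}` avoids both that and `rec`. The version is also interpolated unescaped; a comment such as `# version must be a plain dotted release number; other characters need CPE 2.3 escaping` would record the assumption.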
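Review bot: In the second hunk of rust/transformer/src/cyclonedx.rs, `Cpe::new(&s)` receives whatever string the package's `meta.cpe` carries, and nothing visible in the hunk rejects an empty or malformed value before it lands in `component.cpe`. Consumers of the SBOM match vulnerabilities on this field, so a bad value leads to silently missed or wrong matches rather than an error. At minimum, blank values could be dropped with `component.cpe = meta.cpe.filter(|s| !s.trim().is_empty()).map(|s| Cpe::new(&s));`, and the BOM should pass the crate's validation before it is written, if that is not already done elsewhere. The same applies to the new `cpe` field in rust/transformer/src/derivation.rs, which would benefit from a doc comment like `/// CPE name copied verbatim from the package's meta; not validated here.` The enclosing function starts and ends outside the hunk.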
diff --git a/rust/transformer/src/derivation.rs b/rust/transformer/src/derivation.rs
index 1e4fc51..822b9e1 100644
--- a/rust/transformer/src/derivation.rs
+++ b/rust/transformer/src/derivation.rs
@@ -40,6 +40,7 @@ pub struct Meta {
 pub license: Option,
 pub homepage: Option,
 pub description: Option,
+ pub cpe: Option,
 }
 
 #[derive(Deserialize, Clone, Debug)]