Incorrect CPE for Edge on Windows #4429

@vitronic-mho

What happened:
I scanned a Windows 11 IoT x64 in a VM.
syft scan dir:"C:\" -o cyclonedx-json=D:\vw11iot-cdx.json
and scanned it on Ubuntu with grype and also imported it into dependency-track; both show no vulnerabilities for Edge.

What you expected to happen:
Generated CPE is:
cpe:2.3:a:Microsoft_Edge:Microsoft_Edge:122.0.2365.106:*:*:*:*:*:*:*
As stated on nvd.nist.gov, it should be:
cpe:2.3:a:microsoft:edge_chromium:122.0.2365.106:*:*:*:-:*:*:*

Steps to reproduce the issue:

Anything else we need to know?:
Similar to #4275

Environment:

  • Output of syft version:
PS C:\WINDOWS\system32> syft --version
syft 1.38.0
  • OS (e.g: cat /etc/os-release or similar):
    Windows 11 IoT Enterprise LTSC, 24H2

Thanks :-)
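
A field-by-field comparison of the two CPE strings from this report, as an added example (not code from the issue or from Syft). The CycloneDX fragment, the reference list and the function names are constructed for illustration, and the vendor/product lookup is a simplified stand-in for a matcher, not the actual logic of Grype or Dependency-Track.

```python
import re

CPE23_FIELDS = ("part", "vendor", "product", "version", "update", "edition",
                "language", "sw_edition", "target_sw", "target_hw", "other")

def parse_cpe23(cpe):
    """Split a CPE 2.3 formatted string into its 11 named fields."""
    prefix = "cpe:2.3:"
    if not cpe.startswith(prefix):
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    # Split on ':' unless it is escaped with a preceding backslash.
    values = re.split(r"(?<!\\):", cpe[len(prefix):])
    if len(values) != len(CPE23_FIELDS):
        raise ValueError(f"expected 11 fields, got {len(values)}: {cpe!r}")
    return dict(zip(CPE23_FIELDS, values))

def diff_cpe(generated, expected):
    """Return {field: (generated_value, expected_value)} for differing fields."""
    g, e = parse_cpe23(generated), parse_cpe23(expected)
    return {f: (g[f], e[f]) for f in CPE23_FIELDS if g[f] != e[f]}

def unmatched_components(bom, reference_cpes):
    """List (name, cpe) of SBOM components whose exact vendor/product pair
    is absent from the reference CPE list (simplified, case-sensitive)."""
    known = {(c["vendor"], c["product"])
             for c in map(parse_cpe23, reference_cpes)}
    misses = []
    for comp in bom.get("components", []):
        cpe = comp.get("cpe")
        if not cpe:
            continue  # component carries no CPE at all
        fields = parse_cpe23(cpe)
        if (fields["vendor"], fields["product"]) not in known:
            misses.append((comp.get("name"), cpe))
    return misses

# The two CPE strings quoted in the issue.
GENERATED = "cpe:2.3:a:Microsoft_Edge:Microsoft_Edge:122.0.2365.106:*:*:*:*:*:*:*"
EXPECTED = "cpe:2.3:a:microsoft:edge_chromium:122.0.2365.106:*:*:*:-:*:*:*"

# Constructed CycloneDX fragment; the component name is a placeholder.
SAMPLE_BOM = {"bomFormat": "CycloneDX", "components": [
    {"type": "application", "name": "Microsoft Edge", "cpe": GENERATED}]}

if __name__ == "__main__":
    for field, (got, want) in diff_cpe(GENERATED, EXPECTED).items():
        print(f"{field:<11} generated={got!r} expected={want!r}")
    for name, cpe in unmatched_components(SAMPLE_BOM, [EXPECTED]):
        print(f"no vendor/product match: {name} -> {cpe}")
```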

Labels: bug
Status: Ready