Question
When will VEX docs be made publicly available for STMCube packages?
Hello,
I’m working with the STM32CubeWB package and trying to understand ST’s plans regarding VEX documentation following announcements here https://wiki.st.com/stm32mcu/wiki/Security%3ASTM32%20Software%20security%20policies%20Q%26A#
Could you clarify the plan for STM32CubeWB specifically?
- Is VEX publication still planned for STM32CubeWB? If yes, is there an estimated timeline or target STM32CubeWB release version?
- Where will the VEX files be published: inside the STM32CubeWB package, on st.com, on GitHub, or next to the existing `sbom_cdx.json` file?
- Will VEX documents be provided per STM32CubeWB version, or only for the latest available package?
- Will VEX entries map directly to SBOM components using `bom-ref` or Black Duck component IDs from the associated SBOM, or another identifier?
- Can we expect more detailed vulnerability information than what is currently available through PSIRT bulletins, for example affected/not affected status, justification, fixed version, remediation, or workaround information?
- Will historical STM32CubeWB versions be covered as well?
Thank you for your answers.
