diff --git a/meta/classes/sbom-cve-check-common.bbclass b/meta/classes/sbom-cve-check-common.bbclass
index 3db189d60de..6963ad71c61 100644
--- a/meta/classes/sbom-cve-check-common.bbclass
+++ b/meta/classes/sbom-cve-check-common.bbclass
@@ -6,6 +6,10 @@ require conf/sbom-cve-check-config.inc
 
 SBOM_CVE_CHECK_DEPLOYDIR = "${WORKDIR}/sbom-cve-check/image-deploy"
 
+SBOM_CVE_CHECK_SCAN_SCOPE ?= "target"
+SBOM_CVE_CHECK_SCAN_SCOPE[doc] = "Whether to scan target and native, just target, or just native. \
+    Valid values are both, target, native."
+
 SBOM_CVE_CHECK_EXTRA_ARGS[doc] = "Allow to specify extra arguments to sbom-cve-check. \
     For example to add export flags for filtering (e.g., only export vulnerable CVEs). \
 "
@@ -54,6 +58,7 @@ def run_sbom_cve_check(d, sbom_path, export_base_name, export_link_name=None):
 
     dl_db_dir = d.getVar("SBOM_CVE_CHECK_DEPLOY_DB_DIR")
     out_deploy_dir = d.getVar("SBOM_CVE_CHECK_DEPLOYDIR")
+    scan_scope = d.getVar("SBOM_CVE_CHECK_SCAN_SCOPE")
 
     export_files = []
     for export_var in d.getVar("SBOM_CVE_CHECK_EXPORT_VARS").split():
@@ -70,7 +75,9 @@ def run_sbom_cve_check(d, sbom_path, export_base_name, export_link_name=None):
         d.expand("${STAGING_BINDIR_NATIVE}/sbom-cve-check"),
         "--sbom-path",
         sbom_path,
-        "--disable-auto-updates"
+        "--disable-auto-updates",
+        "--export-process-native",
+        scan_scope,
     ]
 
     for export_type, export_file, export_link in export_files:
diff --git a/meta/classes/sbom-cve-check-recipe.bbclass b/meta/classes/sbom-cve-check-recipe.bbclass
index 904ce57f5cc..c80b8ac83ff 100644
--- a/meta/classes/sbom-cve-check-recipe.bbclass
+++ b/meta/classes/sbom-cve-check-recipe.bbclass
@@ -9,6 +9,9 @@
 
 inherit sbom-cve-check-common
 
+# Recipe-based scanning should cover both target and native components.
+SBOM_CVE_CHECK_SCAN_SCOPE = "both"
+
 python do_sbom_cve_check_recipe() {
     """
     Task: Run sbom-cve-check analysis on a recipe SBOM.