Not an importable report but I wrote a series of scripts to report on software changes and vulnerabilities in a highly regulated environment. PDQ users may find them useful. I gather my data from PDQ and then run the script to ingest it into the database. Here is a link if anyone is interested: https://github.com/compuvin/SoftwareMatrix
Thanks! PDQ rocks!