Software suppliers subjected to this EU regulation will want to focus on the Annex sections of this new law starting on pdf page 297.
Annex I
ESSENTIAL REQUIREMENTS
Part I Cybersecurity requirements relating to the properties of products with digital
elements
Also noteworthy:
Part II Vulnerability handling requirements
Manufacturers of products with digital elements shall:
(1) identify and document vulnerabilities and components contained in products
with digital elements, including by drawing up a software bill of materials in a
commonly used and machine-readable format covering at the very least the
top-level dependencies of the products;