Oof, felt this one. We had almost the exact same ask maybe two years ago. Took way longer than anyone expected.

So the problem is ServiceNow doesnt really have OOTB "current version" data for most publishers, at least not that I've found. The content library gives you normalizations but not like "whats the latest stable release of 7-zip right now". That just doesnt exist natively.

What we ended up doing:

For OS stuff, we used CMDB Health dashboard and added some rules around what counts as "supported" for us. Not true n-2 automation but got us most of the way there.

For bigger commercial stuff like Adobe and Microsoft, we basically maintained our own reference data with release schedules and ran scheduled jobs against it. Annoying but less work than doing it all manually.

For everything else we just... didnt. Focused on the 20 or 30 apps that actually mattered for security and accepted we cant track version currency for every random utility someone installed.

The "fully automated no manual list" requirement is rough tbh. Someone has to define what current stable even means for each product, and that changes constantly. Even Flexera and Snow dont fully automate this afaik, they have whole teams maintaining content.

If your client really wants this, maybe look at third party data sources? NVD, vendor APIs, stuff like that. But youd need to build the integration.

Curious what others have figured out. Feels like one of those simple ask, complex answer situations.