The CVE (Common Vulnerabilities and Exposures) is basic and standard to include in all vulnerability assessments and Penetration testing reports/results... please include those in the final report and CVSS (The Common Vulnerability Scoring System). This will good because the customer has a complete report and useful to compliance.

References:https://cve.mitre.org/https://www.first.org/cvss/specification-document