Every CVE whose affected-product data names Jenkins Ec2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2017-1000502 — CVSS 8.8 (high): Users with permission to create or configure agents in Jenkins 1.37 and earlier could configure an EC2 agent to run arbitrary shell…
CVE-2019-10364 — CVSS 5.5 (medium): Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log.