Every CVE whose affected-product data names Ng-packagr Project Ng-packagr, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.