According to data collected by the Shadowserver Foundation, there are still at least 45,000 public-facing Jenkins servers that have not been patched against a known critical vulnerability. The flaw, which can lead to remote code execution, was disclosed on January 24; two days later, multiple exploits were released. More https://www.jenkins.io/security/advisory/2024-01-24/?is=2cc6d9fee63e51b4df67755c8a11cab81fce9792ae437cda7111604e302c9ce2#SECURITY-3314