To clarify: systemd uses seccomp to filter system calls. Seccomp employs the older BPF, but not eBPF. There was some work done to make seccomp use eBPF, but so far nothing is merged.
eBPF is used in systemd's firewall code though, which allows filtering the IP addresses a service can contact. If this feature is not needed, eBPF can probably be disabled without impacting the other sandboxing features of systemd.
There are other tools that use eBPF to mitigate specific Linux kernel vulnerabilities, or to do Linux kernel observation/tracing.
https://isovalent.com/blog/post/2022-05-16-tetragon/