1. LDR Security Patch: Critical pypdf Vulnerability Exposed in arXiv/PubMed PDF Processing
A routine dependency update for the LDR platform has exposed a critical, actively exploitable vulnerability in its core PDF processing pipeline. The security patch addresses four GitHub security alerts, but one stands out: an XMP entity-expansion denial-of-service (DoS) flaw in the `pypdf` library (CVE via GHSA-3crg-w4...