# Source Registry ## Source #1 - **Title**: GSD Error from Camera Tilt — Geometric Analysis - **Link**: Research agent analysis based on photogrammetry fundamentals - **Tier**: L1 - **Publication Date**: N/A (mathematical derivation) - **Timeliness Status**: ✅ Currently valid - **Target Audience**: UAV photogrammetry systems - **Research Boundary Match**: ✅ Full match - **Summary**: GSD error from tilt = (1/cos(θ) - 1) × 100%. At 5° → 0.38%, at 18° → >5%, at 30° → 15.5%. Homography decomposition (already in pipeline) can extract tilt from rotation matrix R. - **Related Sub-question**: SQ-1 ## Source #2 - **Title**: SALAD: DINOv2 Optimal Transport Aggregation (CVPR 2024) - **Link**: https://arxiv.org/abs/2311.15937 - **Tier**: L1 - **Publication Date**: 2024-03 - **Timeliness Status**: ✅ Currently valid - **Version Info**: DINOv2 ViT-B/14 - **Target Audience**: Visual place recognition researchers - **Research Boundary Match**: ⚠️ Partial overlap (VPR, not UAV-satellite cross-view) - **Summary**: SALAD achieves 75.0% R@1 on MSLS Challenge vs 62.6% for GeM (+12.4pp). <3ms overhead per image. Backbone-agnostic; works with ViT-S. - **Related Sub-question**: SQ-3 ## Source #3 - **Title**: PyTorch CUDA Streams and Single-GPU Concurrency - **Link**: PyTorch official documentation + CUDA MPS documentation - **Tier**: L1/L2 - **Publication Date**: 2025-2026 - **Timeliness Status**: ✅ Currently valid - **Target Audience**: GPU computing developers - **Research Boundary Match**: ✅ Full match - **Summary**: Compute-bound models (like DNN inference) saturate the GPU; CUDA streams cannot provide true parallelism. Recommended: sequential GPU execution with async Python for logical overlap. CUDA MPS possible on Linux but adds complexity. - **Related Sub-question**: SQ-4 ## Source #4 - **Title**: python-jose Maintenance Status and CVEs - **Link**: https://github.com/mpdavis/python-jose (GitHub) - **Tier**: L2 - **Publication Date**: 2026-03 - **Timeliness Status**: ✅ Currently valid - **Target Audience**: Python JWT library users - **Research Boundary Match**: ✅ Full match - **Summary**: python-jose unmaintained for ~2 years. Multiple CVEs including DER confusion and timing side-channels. Okta and community recommend migration to PyJWT. - **Related Sub-question**: SQ-10 ## Source #5 - **Title**: CVE-2026-25990 Pillow PSD Out-of-Bounds Write - **Link**: NVD - **Tier**: L1 - **Publication Date**: 2026 - **Timeliness Status**: ✅ Currently valid - **Version Info**: Affects 10.3.0–<12.1.1 - **Target Audience**: Python image processing users - **Research Boundary Match**: ✅ Full match - **Summary**: Out-of-bounds write in PSD handler. Fixed in Pillow ≥12.1.1. Draft05 pins ≥11.3.0 which is affected. - **Related Sub-question**: SQ-10 ## Source #6 - **Title**: aiohttp CVEs (7 vulnerabilities, 2025-2026) - **Link**: NVD / GitHub advisories - **Tier**: L1 - **Publication Date**: 2025-2026 - **Timeliness Status**: ✅ Currently valid - **Version Info**: Fixed in ≥3.13.3 - **Target Audience**: Python async HTTP users - **Research Boundary Match**: ✅ Full match - **Summary**: Zip bomb DoS, large payload DoS, request smuggling. All fixed in aiohttp ≥3.13.3. - **Related Sub-question**: SQ-10 ## Source #7 - **Title**: CVE-2025-43859 h11 HTTP Request Smuggling - **Link**: NVD - **Tier**: L1 - **Publication Date**: 2025 - **Timeliness Status**: ✅ Currently valid - **Version Info**: CVSS 9.1, fixed in h11 ≥0.16.0 - **Target Audience**: Python web server users (uvicorn depends on h11) - **Research Boundary Match**: ✅ Full match - **Summary**: HTTP request smuggling via h11 (uvicorn dependency). CVSS 9.1. Pin h11 ≥0.16.0. - **Related Sub-question**: SQ-10 ## Source #8 - **Title**: ONNX Runtime Path Traversal (AIKIDO-2026-10185) - **Link**: NVD / ONNX Runtime GitHub - **Tier**: L1 - **Publication Date**: 2026 - **Timeliness Status**: ✅ Currently valid - **Version Info**: Fixed in ≥1.24.1 - **Target Audience**: ONNX Runtime users - **Research Boundary Match**: ✅ Full match - **Summary**: Path traversal in external data loading. Upgrade to ONNX Runtime ≥1.24.1. - **Related Sub-question**: SQ-10 ## Source #9 - **Title**: Lens Distortion Correction for UAV Photogrammetry - **Link**: https://www.sciopen.com/article/10.11947/j.JGGS.2025.0105 - **Tier**: L1 - **Publication Date**: 2025 - **Timeliness Status**: ✅ Currently valid - **Target Audience**: UAV photogrammetry practitioners - **Research Boundary Match**: ✅ Full match - **Summary**: Lens distortion correction is crucial for UAV photogrammetry with non-metric cameras. Interior orientation parameters affect image coordinate accuracy significantly. - **Related Sub-question**: SQ-2 ## Source #10 - **Title**: ENU Coordinate Limitations — Navipedia / DIRSIG - **Link**: https://gssc.esa.int/navipedia/index.php/Transformations_between_ECEF_and_ENU_coordinates - **Tier**: L1 - **Publication Date**: Current - **Timeliness Status**: ✅ Currently valid - **Target Audience**: Navigation system developers - **Research Boundary Match**: ✅ Full match - **Summary**: ENU flat-Earth approximation suitable for <4km extents. Beyond 4km, Earth curvature introduces significant error. For larger areas, UTM or periodic re-centering needed. - **Related Sub-question**: SQ-9 ## Source #11 - **Title**: Visual SLAM Memory Management for Large-Scale Environments - **Link**: https://link.springer.com/chapter/10.1007/978-3-319-77383-4_76 - **Tier**: L1 - **Publication Date**: 2018 (principles still valid) - **Timeliness Status**: ✅ Currently valid - **Target Audience**: Visual SLAM researchers - **Research Boundary Match**: ✅ Full match - **Summary**: Spatial database organization and selective memory storage essential for scalability. Keep only recent features in active memory; older features archived or discarded. - **Related Sub-question**: SQ-5 ## Source #12 - **Title**: safetensors Metadata RCE Report (Feb 2026) - **Link**: HuggingFace security advisories - **Tier**: L2 - **Publication Date**: 2026-02 - **Timeliness Status**: ⚠️ Needs verification (under review) - **Target Audience**: ML model deployment teams - **Research Boundary Match**: ✅ Full match - **Summary**: Potential RCE via crafted metadata in safetensors files. Under review as of Feb 2026. Polyglot and header-bomb risks known. Monitor. - **Related Sub-question**: SQ-10