gps-denied-desktop/_docs/00_research/draft05_assessment/02_fact_cards.md

Fact Cards

Fact #1

• Statement: Camera tilt of 18° produces >5% GSD error. During turns (10-30° tilt), GSD error is 1.5-15.5%. In straight flight (1-5°), error is negligible (0.015-0.38%).
• Source: Source #1 (geometric derivation: error = 1/cos(θ) - 1)
• Phase: Assessment
• Target Audience: UAV VO systems with non-stabilized cameras
• Confidence: ✅ High (mathematical derivation)
• Related Dimension: VO accuracy

Fact #2

• Statement: Homography decomposition (already in pipeline) extracts rotation matrix R, from which camera tilt (pitch/roll) can be derived. GSD correction formula: GSD_corrected = GSD_nadir / cos(θ).
• Source: Source #1
• Phase: Assessment
• Target Audience: UAV VO systems
• Confidence: ✅ High
• Related Dimension: VO accuracy

Fact #3

• Statement: SALAD aggregation improves DINOv2 retrieval by +12.4pp R@1 on MSLS Challenge over GeM pooling (75.0% vs 62.6%). NordLand: +40.6pp (76.0% vs 35.4%). Overhead: <3ms per image.
• Source: Source #2 (SALAD paper, CVPR 2024)
• Phase: Assessment
• Target Audience: Visual place recognition systems
• Confidence: ✅ High (peer-reviewed CVPR paper)
• Related Dimension: Satellite coarse retrieval quality

Fact #4

• Statement: SALAD is backbone-agnostic and can work with ViT-S/14 (384-dim), though the paper only reports ViT-B results. Expected ~2-3pp lower recall with ViT-S.
• Source: Source #2
• Phase: Assessment
• Target Audience: DINOv2 ViT-S users
• Confidence: ⚠️ Medium (extrapolated from paper)
• Related Dimension: Satellite coarse retrieval quality

Fact #5

• Statement: GeM pooling provides a simpler improvement over average pooling: 62.6% R@1 on MSLS Challenge vs ~42% for VLAD-style (AnyLoc). It's a one-line change.
• Source: Source #2
• Phase: Assessment
• Target Audience: VPR systems
• Confidence: ✅ High
• Related Dimension: Satellite coarse retrieval quality

Fact #6

• Statement: Compute-bound GPU models (DNN inference like SuperPoint, LightGlue, DINOv2, LiteSAM) CANNOT run truly concurrently on a single GPU via CUDA streams. Models saturate the GPU; streams execute sequentially.
• Source: Source #3 (PyTorch docs, CUDA documentation)
• Phase: Assessment
• Target Audience: GPU pipeline developers
• Confidence: ✅ High (official documentation)
• Related Dimension: Pipeline concurrency model

Fact #7

• Statement: Recommended single-GPU pattern: run VO sequentially first (latency-critical), then satellite matching. Use async Python for logical overlap — satellite results for frame N arrive while VO processes frame N+2 or N+3. pin_memory() + non_blocking=True for data transfer overlap.
• Source: Source #3
• Phase: Assessment
• Target Audience: GPU pipeline developers
• Confidence: ✅ High
• Related Dimension: Pipeline concurrency model

Fact #8

• Statement: python-jose is unmaintained for ~2 years. Multiple CVEs including DER confusion and timing side-channels. Community and Okta recommend migrating to PyJWT.
• Source: Source #4
• Phase: Assessment
• Target Audience: Python JWT library users
• Confidence: ✅ High
• Related Dimension: Security

Fact #9

• Statement: Pillow CVE-2026-25990 (PSD out-of-bounds write) affects versions 10.3.0 to <12.1.1. Draft05 pins ≥11.3.0 which is vulnerable. Must upgrade to ≥12.1.1.
• Source: Source #5
• Phase: Assessment
• Target Audience: Python image processing users
• Confidence: ✅ High (NVD)
• Related Dimension: Security

Fact #10

• Statement: aiohttp has 7 CVEs (zip bomb DoS, large payload DoS, request smuggling). All fixed in ≥3.13.3.
• Source: Source #6
• Phase: Assessment
• Target Audience: Python async HTTP users
• Confidence: ✅ High (NVD)
• Related Dimension: Security

Fact #11

• Statement: h11 CVE-2025-43859 (CVSS 9.1) — HTTP request smuggling affecting uvicorn. Fixed in h11 ≥0.16.0.
• Source: Source #7
• Phase: Assessment
• Target Audience: Python web server users
• Confidence: ✅ High (NVD)
• Related Dimension: Security

Fact #12

• Statement: ONNX Runtime path traversal vulnerability (AIKIDO-2026-10185) in external data loading. Fixed in ≥1.24.1.
• Source: Source #8
• Phase: Assessment
• Target Audience: ONNX Runtime users
• Confidence: ✅ High (NVD)
• Related Dimension: Security

Fact #13

• Statement: Lens distortion correction is crucial for UAV photogrammetry with non-metric cameras. Distortion at image edges can be 5-20px for wide-angle lenses. Camera parameters (K matrix + distortion coefficients) are known in this system.
• Source: Source #9
• Phase: Assessment
• Target Audience: UAV photogrammetry systems
• Confidence: ✅ High (peer-reviewed)
• Related Dimension: VO accuracy / satellite matching accuracy

Fact #14

• Statement: ENU flat-Earth approximation is suitable for <4km extents. Beyond 4km, Earth curvature introduces significant errors. At 10km, error is ~0.5m; at 50km, ~12.5m.
• Source: Source #10
• Phase: Assessment
• Target Audience: Navigation system developers
• Confidence: ✅ High (ESA Navipedia)
• Related Dimension: Coordinate system accuracy

Fact #15

• Statement: Visual SLAM memory management: keep only recent features in active memory (rolling window); archive/discard older features. Selective memory storage can reduce database by up to 92.86%.
• Source: Source #11
• Phase: Assessment
• Target Audience: Visual SLAM systems
• Confidence: ✅ High (peer-reviewed)
• Related Dimension: Memory management

Fact #16

• Statement: safetensors metadata RCE report is under review (Feb 2026). Polyglot and header-bomb attacks are known vectors. Currently no confirmed fix.
• Source: Source #12
• Phase: Assessment
• Target Audience: ML model deployment teams
• Confidence: ⚠️ Medium (under review)
• Related Dimension: Security