The vulnerabilities could have let malicious users masquerade as agency officials, potentially misleading researchers, contractors and others.
Execution, integrity, and provenance determine PDF safety.