Some researchers who use the markup language LaTeX for typesetting are unwittingly making private information public.Credit: Tom Houghton/Nature
Nearly all of the nearly three million papers available on the arXiv preprint server contain details the authors never meant to share, a new study finds.
The study, uploaded to arXiv in April and presented at theInstitute of Electrical and Electronics Engineers Symposium on Security and Privacy in San Francisco, California, in May, analysed around 2.7 million articles posted to the repository up until December 2025, amounting to 93% of the preprints. It found that 88% of submissions that contained LaTeX source files included some form of hidden information, from arguments between co-authors and to-do lists acknowledging weaknesses in the text, to passwords, GPS coordinates that can reveal a researcher’s home address, and application programming interface (API) keys — strings of characters that function like passwords for programmers1.
“What we report in the paper is really just the tip of the iceberg,” says Jan Pennekamp, a security and privacy researcher at RWTH Aachen University in Germany and first author of the study. Each preprint can have multiple versions, all of which remain online, and the team counted 12 million accompanying or ‘dangling’ files that would need individual inspection to fully assess the extent of data leakage, Pennekamp explains.
arXiv is a preprint repository that is particularly popular in the physical and computational sciences. Founded in 1991, it requires authors whose manuscripts are written in LaTeX — a markup language used to typeset scientific papers — to upload their LaTeX source files and make them available alongside the PDF. But because LaTeX works like code, it also supports comments: lines that authors can read but that do not appear in the final document.
“The vast majority of researchers only care about the PDF,” says Ricardo Henriques, a biophysicist at the António Xavier Institute of Chemical and Biological Technology in Oeiras, Portugal, who uploads his own papers to arXiv. “That also makes most researchers not aware of the potential impact of leaving comments inside those LaTeX files.”
What’s exposed
Pennekamp and his colleagues examined three elements of arXiv submissions: dangling files, which aren’t needed to produce the paper; embedded metadata in images and PDFs; and content such as comments in LaTeX source code. Among other things, the analysis surfaced private conversations between co-authors, including profane, unflattering or embarrassing comments about research competitors and to-do notes acknowledging weaknesses that were not mentioned in the published text rather than addressed.
Other researchers have also documented data leakage in the arXiv repository. In January, Giovanni Apruzzese, a computer scientist at Reykjavik University and the University of Liechtenstein in Vaduz, and web-security researcher Aurore Fass at the Inria Centre at Côte d’Azur University in Sophia Antipolis, France, reported their analysis of 600,000 preprints, finding that 27% of them include “residual data” that are not needed to produce the PDF2. A detailed analysis of 200 such preprints identified “undisclosed research details, or the presence of derogatory statements” in 20%, including comments such as “WTF does this mean?”
arXiv at 20
... continue reading