Due to the complexity of the PGP system, there are a plethora of downgrade attacks. Where something that was supposed to be at one level of security can be tricked into doing something much less secure. See https://twitter.com/xmppwocky/status/1291144278953955328, https://mailarchive.ietf.org/arch/msg/openpgp/JLn7sL6TqikUf-..., and https://www.eff.org/deeplinks/2018/05/pgp-and-efail-frequent... for three different examples of such attacks against PGP in recent years.
The second one is just yet another person discovering that the MDC check can be stripped off a message.
The third one seems to be just EFAIL which is not a downgrade or any attack really against PGP.
The second one is just yet another person discovering that the MDC check can be stripped off a message.
The third one seems to be just EFAIL which is not a downgrade or any attack really against PGP.