Security: Fix all dependency vulnerabilities

- Update urllib3: 2.2.2 → 2.5.0 (fixes CVE-2025-50181, CVE-2025-50182)
- Update pypdf: 5.4.0 → 6.1.0 (fixes CVE-2025-55197)
- Update Pillow: 11.2.1 → 11.3.0 (fixes CVE-2025-48379)
- Update Jinja2: 3.1.5 → 3.1.6 (fixes CVE-2025-27516)
- Update cryptography: 43.0.1 → 46.0.1 (fixes CVE-2024-12797)
- Update cffi: 1.17.0 → 2.0.0 (dependency update)

All 6 security vulnerabilities resolved
Safety check now reports 0 vulnerabilities
All tests still passing (179 passed, 7 skipped)
Ready for secure release v0.9.0

Author: howethomas