diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index a0ae63c5d47..bdbcf2043ab 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,11 +1,21 @@
 version: 2
 updates:
-  - package-ecosystem: "nuget" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  # Dependabot can handle at most 150 "manifests", so for NuGet, csprojs referencing packages (see docs:
+  # https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph#are-there-limits-which-affect-the-dependency-graph-data).
+  # Thus, it would fail for the whole solution.
+  # Grouping updates per directories or otherwise trying to have smaller batches is unnecessary, because due to
+  # centralized package management, Dependabot will find all dependencies from any project. So, just processing the
+  # OrchardCore project.
+  - package-ecosystem: "nuget"
+    directory: "/src/OrchardCore/OrchardCore"
     schedule:
       interval: "weekly"
     groups:
-       # Grouped version updates configuration
        all-dependencies:
           patterns:
             - "*"
+    ignore:
+      # We'll update GraphQL for v3 because it's breaking, see https://github.com/OrchardCMS/OrchardCore/issues/16826.
+      - dependency-name: "GraphQL*"
+      # See the corresponding comment in Directory.Packages.props.
+      - dependency-name: "System.Drawing.Common"
diff --git a/Directory.Packages.props b/Directory.Packages.props
index 3d06fcdc244..ac8cb9f37bb 100644
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -1,18 +1,15 @@
 <Project>
-
   <PropertyGroup>
     <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
     <CentralPackageTransitivePinningEnabled>true</CentralPackageTransitivePinningEnabled>
   </PropertyGroup>
-
   <PropertyGroup>
     <!-- Special case - this property is used by a DotNetCliToolReference -->
     <DotNetXunitVersion>2.3.0</DotNetXunitVersion>
   </PropertyGroup>
-
   <ItemGroup>
     <PackageVersion Include="AngleSharp" Version="1.1.2" />
-    <PackageVersion Include="AWSSDK.S3" Version="3.7.403.5" />
+    <PackageVersion Include="AWSSDK.S3" Version="3.7.404.1" />
     <PackageVersion Include="AWSSDK.Extensions.NETCore.Setup" Version="3.7.301" />
     <PackageVersion Include="Azure.Communication.Email" Version="1.0.1" />
     <PackageVersion Include="Azure.Communication.Sms" Version="1.0.1" />
@@ -41,11 +38,9 @@
     <PackageVersion Include="Lucene.Net.Spatial" Version="4.8.0-beta00016" />
     <PackageVersion Include="MailKit" Version="4.8.0" />
     <PackageVersion Include="Markdig" Version="0.37.0" />
-    <PackageVersion Include="MessagePack" Version="2.2.60" />
     <PackageVersion Include="Microsoft.Extensions.Azure" Version="1.7.5" />
     <PackageVersion Include="Microsoft.Extensions.Http.Resilience" Version="8.9.1" />
     <PackageVersion Include="Microsoft.Identity.Web" Version="3.2.0" />
-
     <!--
       Important: the version of the Microsoft.IdentityModel.Protocols.OpenIdConnect package MUST
       match the IdentityModel version transitively referenced by OpenIddict to ensure we don't
@@ -53,7 +48,6 @@
  
       See https://github.com/OrchardCMS/OrchardCore/pull/16057 for more information.
     -->
-
     <PackageVersion Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="8.1.0" />
     <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageVersion Include="MimeKit" Version="4.8.0" />
@@ -91,15 +85,13 @@
     <PackageVersion Include="YesSql.Filters.Query" Version="5.1.1" />
     <PackageVersion Include="ZString" Version="2.6.0" />
   </ItemGroup>
-
   <ItemGroup>
     <GlobalPackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0" />
-    <GlobalPackageReference Include="Microsoft.CodeAnalysis.CSharp.CodeStyle" Version="4.11.0"/>
+    <GlobalPackageReference Include="Microsoft.CodeAnalysis.CSharp.CodeStyle" Version="4.11.0" />
   </ItemGroup>
-
-  <!-- These versions are used for tansitive dependency forced upgrades only. For instance when a package reference a vulnerable version. -->
-  <!-- To list all vulnerable direct references run 'dotnet list package -vulnerable' -->
-  <!-- To list all vulnerable transitive references run 'dotnet list package -vulnerable -include-transitive' -->
+  <!-- These versions are used for tansitive dependency forced upgrades only. E.g. when a package references a vulnerable version. -->
+  <!-- To list all vulnerable direct references run 'dotnet list package -vulnerable' (use double dash, just XML comments can't contain it) -->
+  <!-- To list all vulnerable transitive references run 'dotnet list package -vulnerable -include-transitive' (use double dash, just XML comments can't contain it) -->
   <!-- The dependency graphs are generated using 'dotnet nuget why <.sln> <package id>' -->
   <ItemGroup>
     <!--
@@ -110,7 +102,6 @@
                  └─ System.Text.RegularExpressions (v4.3.0)
     -->
     <PackageVersion Include="System.Text.RegularExpressions" Version="4.3.1" />
-
     <!--
       Azure.Extensions.AspNetCore.DataProtection.Blobs (v1.3.4)
       └─ Microsoft.AspNetCore.DataProtection (v3.1.32)
@@ -119,8 +110,8 @@
                └─ System.Windows.Extensions (v4.7.0)
                   └─ System.Drawing.Common (v4.7.0)
     -->
+    <!-- When removing this, remove the corresponding ignore in dependabot.yml too. -->
     <PackageVersion Include="System.Drawing.Common" Version="4.7.2" />
-
     <!--
       Microsoft.AspNetCore.DataProtection.StackExchangeRedis (v8.0.8)
       └─ Microsoft.AspNetCore.DataProtection (v8.0.8)
@@ -130,21 +121,18 @@
     -->
     <PackageVersion Include="System.Formats.Asn1" Version="8.0.1" />
   </ItemGroup>
-
   <!-- These versions are used for the NuGet packages that are dependent on the current TFM -->
   <!-- Versions are preset for the default TFM (there may be no TFM in an evaluation phase) -->
   <PropertyGroup>
     <AspNetCorePackagesVersion>8.0.8</AspNetCorePackagesVersion>
     <MicrosoftExtensionsPackagesVersion>8.0.8</MicrosoftExtensionsPackagesVersion>
   </PropertyGroup>
-
   <!-- When dual-targeting frameworks, add both of them to CommonTargetFrameworks above, when add PropertyGroups like
   below. -->
   <!--<PropertyGroup Condition="$(TargetFramework) == 'net7.0'">
     <AspNetCorePackagesVersion>7.0.14</AspNetCorePackagesVersion>
     <MicrosoftExtensionsPackagesVersion>7.0.14</MicrosoftExtensionsPackagesVersion>
   </PropertyGroup>-->
-
   <!-- 'Microsoft.AspNetCore' packages that are not included in the ASP.NET Core shared framework -->
   <ItemGroup>
     <PackageVersion Include="Microsoft.AspNetCore.Authentication.Facebook" Version="$(AspNetCorePackagesVersion)" />
@@ -157,11 +145,9 @@
     <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="$(AspNetCorePackagesVersion)" />
     <PackageVersion Include="Microsoft.AspNetCore.Owin" Version="$(AspNetCorePackagesVersion)" />
   </ItemGroup>
-
   <!-- 'Microsoft.Extensions' packages that are not included in the ASP.NET Core shared framework -->
   <ItemGroup>
     <PackageVersion Include="Microsoft.Extensions.Caching.StackExchangeRedis" Version="$(MicrosoftExtensionsPackagesVersion)" />
     <!-- Microsoft.Extensions.Http.Resilience is not here because it diverged from the common Microsoft.Extensions versioning. -->
   </ItemGroup>
-
 </Project>
diff --git a/src/docs/resources/libraries/README.md b/src/docs/resources/libraries/README.md
index 16d5464705b..e677f9e6aa6 100644
--- a/src/docs/resources/libraries/README.md
+++ b/src/docs/resources/libraries/README.md
@@ -26,7 +26,6 @@ The below table lists the different .NET libraries used in Orchard Core:
 | [Lucene.Net](https://github.com/apache/lucenenet) | .NET full-text search engine. | [Apache-2.0](https://github.com/apache/lucenenet/blob/master/LICENSE.txt) |
 | [MailKit](https://github.com/jstedfast/MailKit) | A cross-platform .NET library for IMAP, POP3, and SMTP. | [MIT](https://github.com/jstedfast/MailKit/blob/master/LICENSE) |
 | [Markdig](https://github.com/lunet-io/markdig) | .NET Markdown engine. | [BSD-2-Clause](https://github.com/lunet-io/markdig/blob/master/license.txt) |
-| [MessagePack](https://github.com/neuecc/MessagePack-CSharp) | Extremely Fast MessagePack Serializer for C# | [MIT](https://github.com/neuecc/MessagePack-CSharp/blob/master/LICENSE) |
 | [Microsoft.Extensions.Http.Resilience](https://github.com/dotnet/extensions/tree/main/src/Libraries/Microsoft.Extensions.Http.Resilience) | Resilience mechanisms for HttpClient built on the Polly framework. | [MIT](https://github.com/dotnet/extensions/blob/main/LICENSE) |
 | [Microsoft.Identity.Web](https://github.com/AzureAD/microsoft-identity-web) | Helps creating protected web apps and web APIs with Microsoft identity platform and Azure AD B2C. | [MIT](https://github.com/AzureAD/microsoft-identity-web/blob/master/LICENSE) |
 | [Microsoft.SourceLink.GitHub](https://github.com/dotnet/sourcelink) | Source Link enables a great source debugging experience. | [MIT](https://github.com/dotnet/sourcelink/blob/main/License.txt) |