cancelOrder Vulnerability Enables Reentrancy Attack to Steal Funds

Unused Approval Can Be Exploited to Steal Funds

Users Can Overwrite Orders Within the Same Block to Steal Funds

Inconsistent State Management: EthereumTx StateDB Overriding CallContract Results

Gas is not consumed when precompile method fail, allowing resource consumption related DOS

Unlimited Nibi could be minted because evm and bank balance are not synced when staking

Hardcoded gas used in ERC20 queries allows for block production halt from infinite recursion

Nibiru's bank coin to EVM balance tracking logic is completely broken for rebasing tokens and would lead to leakage/loss of funds when converting

ERC20 Transfer Fails With Non-Compliant Tokens Missing Return Values

Bridge requests to remote chains where interchain tokens are not deployed can result in DoS attacks

TokenBalance limit could be bypassed by deploying TokenManager

The amount of `xezETH` in circulation will not represent the amount of `ezETH` tokens 1:1

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

Deposits will always revert if the amount being deposited is less than the bufferToFill value

_getLiabilities uses borrowBalanceStored instead of borrowBalance

LMPVaultRouterBase would still pull WETH token after processing ETH in

Liquidation mechanism is useless cause any arbitrary address can call IBaseRewardPool.getRewards

Curve V2 Vaults can be drained because CurveV2CryptoEthOracle can be reentered with WETH tokens

LiquidatorRow.liquidateVaultsForToken won't work cause tokens are not transferred to asyncSwapper

It is possible to lock in loss for other users by not calling updateDebtReporting before withdraw

Rewards of LMPVault in DestinationVault.rewarder could be stolen with flashloan

Formula for collecting fee in LMPVault._collectFees is wrong

LMPVault.updateDebtReporting could underflow because of subtraction before addition

price is calculated wrongly in BoundedStepwiseExponentialPriceAdapter

Incorrect liquidation reward computation causes excess liquidator rewards to be given

Funds are locked because borrowFee is not correctly implemented in BigBang

`ARBTriCryptoOracle` is vulnerable to read-only reentrancy

There is no mechanism to track and resolve bad debt

`SGLBorrow::repay` and `BigBang::repay` uses `allowedBorrow` with the asset amount, whereas other functions use it with share of collateral

[MB01] Inadvised hardcoding of pool address in `AaveStrategy.sol`

Refunds are sent to recipient instead of requester when orders are cancelled

Unused ETH are not sent back in ArrakisV2Router.addLiquidityPermit2 when token0 is WETH

ChainLinkOraclePivot uses the same outdated timestamp for all feeds

amount1 would be zero when sqrtRatioX96 == sqrtRatioAX96

Oracle price could be stale

Use sequencer oracle before deploying to arbitrum or optimism

SetToken could be locked if they enable USDT as borrowed asset on Ethereum network

invokeTransfer could cause fund to be lost for tokens that return false and don't revert

Use SafeERC20 for transfers