Attackers can override others' orders by generating the same `orderId`.

When an order is canceled, its information remains intact.

PythOracle will provide outdated prices.

In the `ReputationMarket.sellVotes()` function, `protocolFee` should also be deducted from `marketFunds` because `protocolFee` is already sent.

Buyers pay more fees unfairly when buying votes.

Improper implementation of the `PositionMarginProcess.updatePositionFromBalanceMargin()` function.

Incorrect `collateralUserCap` check in the `AssetsProcess.deposit()` function.

No modifications to the `CommonData` while updating the position margin.

The `AccountFacet` contract lacks a gas refund mechanism for the keeper.

`AccountingManager::resetMiddle` will not behave as expected

Withdrawals in AccountManager are prone to DOS attacks.

`Edition::mintBatch` receives less money than it should.

`FeeManager::_splitProtocolFee` doesn't send the `collectionReferrerShare` to the correct referrer.

`Edition::mintBatch` is always reverted.

`Edition::_refundExcess` doesn't refund to the buyers.

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Kerosene collateral is not being moved on liquidation, exposing liquidators to loss

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

Missing enough exogeneous collateral check in `VaultManagerV2::liquidate` makes the liquidation revert even if (DYAD Minted > Non Kerosene Value)

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

No incentive to liquidate when CR <= 1 as asset received < dyad burned