Unrestricted Reward Addition Leading to Reward Dilution

Exploitable Vulnerability in redeemUSDT Function Allows Protocol Draining

Critical State Handling Vulnerability in TransferFrom Function

Reuse of Previously Signed excessProfitCumulativeValue in cds.sol::withdraw Function

Deadline Validation Flaw in BorrowLib.sol Allows Early and Late Option Renewals

A malicious user can effectively block LiquidationType1

Lack of modifier on updateDownsideProtected

Denial of Service Vulnerability in Multisign Governance Execution

Risk of Option Fee Evasion Due to Unchecked Volatility Parameter in DepositTokens

Unrefunded Excess ETH in Contract

Manipulating Consecutive Deposits to Exploit Protocol Funds

An attacker could block the full utilization of a user's lending offer, leading to funds being permanently locked in the contract.

ZeroLendOne Protocol would not Operate on it's intended chain of deployment!

Liquidity Lockdown: Zero Allocation Bug Traps Assets in Vulnerable Markets!

M-1: Delisted asset can still be borrowed against

[H-3]: Toggle Pause does not take effect

WhenNotPaused modifier in the CDPVault can be bypassed by users

`SwapAction.sol#balancerSwap` does not support native ETH as input token.

Incorrect Return Value in `CompoundConnector.getBorrowBalanceInBase()` Affecting TVL Calculation

Incorrect modifier condition