Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

Pending fee not cleared and overwritten by updates via updateFeeType()

closeLiquidation within LendingPool does not allow partial repayments, which can cause massive losses to users within edge case

Overwriting Previous Allocations in allocateFunds May Lead to Loss of Cumulative Allocation Data

Lack of incentives for users to call LendingPool::initiateLiquidation allows extensive delay between when health factor dropped below threshold and when grace period starts

quantAMMSwapFeeTake used for both getQuantAMMSwapFeeTake and getQuantAMMUpliftFeeTake.

missing implementation for a function to change upliftFee

Unrestricted validation score range for validators in `LLMOracleCoordinator::validate`.

`SablierFlowBase` Lacks `EIP-165` Compliance for `EIP4906` Interface Support

No LSTs transfer on node operator withdrawals resulting in stuck funds and loss for node operators

Oversight while Updating the basis fee in staking pool without updating rewards strategy

No way to update unbonding and claim periods

`Tokens` Are Automatically Whitelisted Upon Creation And Binding Even When `_whiteListEnabled == false`

There is No `msg.value` check in `depositTokens`, causing potential token stuck

Potential Blockage of User Withdrawals When Bridge is Disabled in `withdrawTokens`

_disableInitializers is missing in Bridge’s constructor

Factory deployments won't work correctly on the ZKsync chain

Protocol not fully compliant with `EIP-7579`

```LibWstethEthOracle::getWstethEthPrice``` returns wrong ```wstETH/ETH``` price in some conditions impacting system operations

LibEthUsdOracle returning wrong price on `minAnswer`, impacting fertilizer minting

Use custom gas in `sendMintMessage` instead of default gas

Create Pool in Mock Distribution is missing validations; allowing duplicates, wrong decreaseInterval value and payoutStart value

The `editPool()` lacks a sanity check on the `payoutStart` parameter leading to incorrect or unfair reward distributions

A user can steal an already transfered and bridged reSDL lock because of approval

SINGLE STEP OWNERSHIP TRANSFER PROCESS

Insufficient Gas Limit Specification for Cross-Chain Transfers in _buildCCIPMessage() method. WrappedTokenBridge.sol #210

No validation for `_amount` in migrate function