Improper Fallback to msg.sender in claimRefund Enables Unauthorized Refund Claims

Spoofed externalId in onRevert Function Overwrites Legitimate Refunds

Incorrect Fee Deduction in onCall Function Leads to Protocol Loss

Improper ETH Refund Handling in GatewaySend.onRevert()

Boolean Return Assumption in transferFrom() Causes Token Compatibility Issues

Stale exchange rate calculation during redeem() would lead to user getting less amount of tokens

attacker can steal all funds , for whch user has given approval for creating agent

rewards rate of rewards tokens , can be manipulated and reduced , due to logic in _addRewardsForToken

MergeTgt has no handling if TGT_TO_EXCHANGE is exceeded during the exchange period

Improper Fee has been collected in pool Contract on reserve token

when auction failed because of sell pool limit, there is no way to distribute coupons of that period

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Incorrect referral fee calculations

Vault is vulnerable to inflation attack which can cause complete loss of user funds

there is no check for pending order arrray length in Oracleless.sol

different fees has been taken from different users for same amount of vote bought!

wrong Accounting of market funds in buyVotes could result in lack of funds.

Refund logic of unused relative token in initializeCollection() in Locker.sol is wrongly Implemented.

Incompatibility with Multisig Wallets in `TempleGold::send` Function

Chainlink's `latestRoundData` might return stale or incorrect results

Share price in LenderCommitmentGroup_Smart.sol can be inflated

msg.value used in for loop in mintBatch() will throw error

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

If a winner is blacklisted on any of the tokens they can't receive their funds

Precision loss/Rounding to Zero in `_distribute()`