Liquidation Finalization Fails Due to Mismatched Token/Chain Contexts

Natural Logarithm Function Silently Accepts Invalid Non-Positive Inputs

Precision Loss in Reward Calculations Undermines User Rewards

Locked funds due to underflow in withdrawal

[m-01] Withdraw Calculation Bug

Missing Slippage Protection On Buy And Sell

`AgentDAO::_castVote` doesn't check the array of votes emitted, which determine the number of battles fought in `EloCalculator.sol`, allowing the user to increase the ELO of a contribution unfairly, inflating the maturity/impact of `ServiceNFTs`

[LP-01] Unit Mismatch in Participation Updates to over/under charging during participation updates

Critical Logic Mismatch in updateParticipation() Leads to Guaranteed Reverts or Corrupted Token Allocations

Wrong refundExecutionFee in _handleReturn

Wrong index causes last depositor to always get execution fee refund if cancelFlow is called by keeper to cancel a withdrawal

PerpetualVault withdrawals are affected by global parameter updates

`BaseGauge` users can claim rewards without staking

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Voting Power Snapshot Missing

Timelock Controller Retains Canceled Proposals, Enabling Unauthorized Execution and severe Governance Voting manipulation.

Missing Vote Frequency Control in GaugeController

`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function

veRaac Token Constraint MAX_TOTAL_SUPPLY Can Be Bypassed. Vulnerability Disrupts Protocol Functionality and Undermines Governance Quorum.

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

LendingPool deposits do not work with CurveVault due to lack of funds

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator

Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter

Inconsistent Scaling in RToken Transfer Functions

Delegated Boost Persists Even If veRAAC Is Withdrawn/Reduced

[L-1] Inaccurate boost calculations in `veRAACToken` due to wrong input parameter

Cordinated group of attacker can artificially lower quorum threshold during active proposals forcing malicious proposals to pass without true majority support.

balanceOf(address(this)) in StabilityPool causes reward distribution to be higher than it should be

Limited veRaac Token Supply Triggers DoS, Hampering Proper Governance Participation.

Emergency Timelock Bypass: No Enforced 1-Day Delay for Emergency Actions

Lack of enforcement of the `MAX_TOTAL_LOCKED_AMOUNT`

Missing Controller Functions in GaugeController

Unauthorized Vote Casting Vulnerability

Missing Pause Functionality in veRAACToken Contract Can Be Abused When Emergency Withdrawal Mechanism Is Activated

Incorrect Timestamp Tracking in RAACHousePrice contract

Missing `BaseGauge::distributionCap` validation leads to over-emission of rewards

Missing Validation for Minimum Vote Weight in `vote` Function

`emergencyUnlockEnabled` Is Never Used, Rendering “Emergency Unlock” Ineffective

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Ineffective proposal threshold validation allows setting arbitrary high values

Incorrect sequence of AaveDIVAWrapper constructor parameters

Rounding Arbitrage (Different Rounding for Trust vs. Distrust)

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

Old router retains token allowance after update

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Creator of one vesting plan can affect vesting plans created by other users.

Listing potential can not be purchased with discounted price

updateDownsideProtected() to Deny Service and Cause Protocol Disruption

[M-03] No limit to how many orders can be pushed into pendingOrderIds[], potentially lead to DoS

Incorrect Freshness Logic Validation in PythOracle breaking the entire mechanism for triggering orders

Attacker will Deny Service by Manipulating downsideProtected in updateDownsideProtected()

Potential Integer Division Precision Loss in boostPrice Function Leads to Inaccurate Price Calculations