Liquidations Can Be Permanently Blocked via `getLiquidationBonus()` Unsigned Underflow (Insolvent-but-Unliquidatable Accounts)

`RiskEngine::_getRequiredCollateralAtTickSinglePosition()` Fails to Accumulate Credits Across Multiple Legs, Leading to Potential Erroneous Liquidations

Division-by-zero in long-leg collateral requirement can block solvency checks and `dispatchFrom` (liquidation/force-exercise) for tickSpacing==1 pools

Incorrect `UPPER_118BITS_MASK` Mask in `OraclePackLibrary` Causes Unexpected Clearing of `EMAs` and `lockMode` in `OraclePack`

Decay integral mis-scales interest to near zero

Underwater borrowers cause socialized collateral loss via redemption

WriteOff skips redistribution when sole borrower, creating insolvency

Interest accrual can be permanently frozen via wadExp underflow

Global Variable Manipulation During Active Draw Alters End Result

Incorrect ticket price reference in JackpotBridgeManager causes user overpayment after price updates

`set_invocation_costs_config()` fails to authorize admin allowing anyone to set invocation costs

Systematic Overcharge in prices and x_prices: Fee Charged for Requested Records While Return is Capped at 20

Expiration vector length mismatch causes panic in extend_ttl() when assets are added with zero initial expiration period

`twap()` under-charges for multi-period queries due to hardcoded `periods=1`

Emergency resolution resolves active epoch, enabling mid-epoch claims and exploitation

Static signatures bound to caller revert under ERC-4337, causing DoS

`BaseAuth.recoverSapientSignature` returns a constant instead of signer image hash, breaking sapient signer flows

Assets deposited before calculating shares amount to mint will cause users to mint less shares.

Malicious pool address allows complete drainage of Diamond contract funds

Protocol will under-credit compounding maker fees to liquidity providers

Protocol users will experience unintended liquidity operations on neighboring positions

Unfair principal slashing when burning via NFT (JIT penalty mis-trigger)

NFT mints block after 16 assets due to NFTManager ownership

Sole compounding makers will have funds permanently locked when attempting full withdrawal

Timed ownership transfer mechanism permanently blocks governance operations

`GTELaunchpadV2Pair::burn` over-estimates distribution amounts when there are non-zero accrued launchpad fees

Total reward shares for token can reach zero after unlocking, causing `GTELaunchpadV2Pair` to be bricked

`LaunchToken` transfers cause staking rewards to be lost to the `LaunchPad`