Manipulating Uniswap V3 Spot Price Lets Attackers Mint Excess Shares or Redeem Extra Assets

ERC-4626 maxDeposit/maxMint overstate acceptance limits, violating MUST-spec and causing reverts

`set_invocation_costs_config()` fails to authorize admin allowing anyone to set invocation costs

`twap()` under-charges for multi-period queries due to hardcoded `periods=1`

Systematic Overcharge in prices and x_prices: Fee Charged for Requested Records While Return is Capped at 20

Bucket Accrual Reset Lets Anyone Nullify Rewards via stake/unstake

Old trades can claim rewards from before the program started

First staker after idle unfairly earns past idle time

Retroactive mint rate application backdates emissions to past time windows

Precision-grief in rewards accrual lets attackers permanently truncate payouts especially for WBTC

First-Time Incentive Activation Causes Over-Accrual of Rewards Due to Stale Pool Timestamp

Missing boolean and one-hot constraints for instruction flags

Mersenne31 word range check is not checking the range

wrong sign handling when x == 0 produces non-canonical / out-of-range x = p

USDT and Non-Standard ERC20 Token Transfers Cause Transaction Reverts in Zapping Proxy

Incorrect `canTransfer` Check Logic Causes Revert on Whitelisted Sender

Out-of-Gas (OOG) Errors Due to Unbounded Loop Over Operators

ERC20.approve Used Instead of Safe Approvals causing failure for USDT and some tokens

Static Slippage Parameter in `_swapAndSendERC20Tokens()` Causes Swap Reverts And Economic Losses

Unhandled Bad Debt in the Liquidation Flow

USDT ERC20 transfer handling could break core functionality

Insufficient Transaction Broadcast Timeout in EVM Chains

Missing Nonce Reset During TSS Address Update Allowing Signature Replay

Sqrt function silently reverts the entire control flow when a packed float of 0 value is passed

Unauthorized Token Transfers Due to Public payWithERC20 Function

Incorrect calculation of user tokens when previous currency amount is greater than new currency amount

Incorrect Handling of Intermediate Token Balance in Two-Hop Swaps

Missing Timestamp Validation for Pyth Oracle Price Feeds Leading to Stale Data Use

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

In `transferVesting`, the `grantorVesting.releaseRate` is calculated incorrectly, which leads to the sender being able to unlock more tokens than were initially locked.

Users can claim more that their actual allotment

ERC20.approve Used Instead of Safe Approvals, Causing Pool Failures with Some ERC20s

Unused Allowance Causing Reverts in execute Function

Integer Division Truncation Leading to Unexpected Reward Distribution

Anyone can manipulate user nonce (nonce_manager) in settlement contract