Incorrect withdraw queue balance in TVL calculation

Pending withdrawals prevent safe removal of collateral assets

Deposits will always revert if the amount being deposited is less than the bufferToFill value

The Edition_Publisher can put himself as collection referrer after creation of the edition and steal the referrers profits.

ITO depositors will lose part of their ZVE allocation, since the calculation is based on TotalSupply, which becomes dynamic the moment ITO ends and migrateDeposits is called.

A malicious actor can withold up to 25% of rewards from ZivoeRewards for multiple months for all users at no cost

Highest bidder can withdraw his collateral due to a missing check in _cancelAllBids

V3Oracle susceptible to price manipulation

V3Vault is not ERC-4626 compliant

PrincipalToken is not ERC-5095 compliant

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

`VaultBooster`: users tokens will be stuck if they deposited with unsupported boost tokens

Multiple missing & wrong hardcoded addresses in Oracles

Infinite minting & burning of USSD token due to missing Access Control

[M-01] Did not Approve to zero first