Refund Can Be Claimed by Unauthorized User if Wallet Address Is Not Exactly 20 Bytes

Incorrect Fee Deduction in onCall Leads to User incorrect payment

ERC20 Non-Standard Return Value Compatibility (USDT Transfer Failure)

ETH Refund Failure in onRevert() Function

Malicious Revert Can Overwrite Legitimate Refunds via onRevert Function

Redemption Logic Uses Stale Exchange Rate, Causing Under-Crediting of Users

Anyone can delay reward distribution by calling notifyRewardAmount with minimal Deposits

MergeTgt has no handling if TGT_TO_EXCHANGE is exceeded during the exchange period

Reward manipulation vulnerability in StabilityPool

Treasury Balance Tracking Bypass in FeeCollector

Incorrect Return Values and Double Scaling in `RToken.burn` Function Leads to Denial of Service

Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator

`RAACReleaseOrchestrator::emergencyRevoke()` fails to update `categoryUsed`, leading to token lockup and incorrect accounting

Emergency Withdrawals in `FeeCollector` will break Fee Distribution Logic

Emission Rate can be Manipulated (Locked, Higher or Lower)

pause will lower the rewards for time that the system operated actively

There is inconsistency in fee taken on reserve in pool contract

Bond holders distribution will be incorrect when auction is failed due to sale pool limit

There will be precision loss in pool contract

Old router retains token allowance after update

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Incorrect referral fee calculations

Creator of one vesting plan can affect vesting plans created by other users.

Attacker can steal funds of depositor due to inflation attack

Lack of access control in `updateDownsideProtected` function leads to malicious things

Attacker can drain funds by passing incorrect price of USDa-USDT in `redeemUSDT` function

`calculateCumulativeRate` updated wrongly in `_withdraw` leads to wrong interest calculation

Fees on `buyVotes` are wrongly added in `marketFunds`

Fees are also collected on refund amount at the time of buying votes

Lack of slippage protection in `sellVotes` function

Lack of slippage protection leads to loss of protocol funds

Wrong check in `LVDepositNotPaused` modifier leads to unintended behaviour

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

Users' ability to nuke will be DoSed for three days after putting NFTs up for sale and cancelling the sale

Imprecise token age calculation results in an incorrect nuke factor, causing users to claim the wrong amount

Chainlink's `latestRoundData` might return stale or incorrect results