Rounding Directions can result in Taking the initial liquidity

`ReputationMarket::buyVotes()` includes Fees paid in Market Funds

Users Can completely Drain The contract Because of the Non-Linear Bonding Curve Buying/Selling architecture

`ReputationMarket::sellVotes()` has no Slippage Protection

Subtraction in `variance()` will revert due to underflow

Potential underflow vulnerability in score range calculation of `LLMOracleCoordinator::finalizeValidation`, leading to DoS.

Platform fees withdrawal will sweep oracle agents earned fees

Unrestricted validation score range for validators in `LLMOracleCoordinator::validate`.

Update state requests or Purchase requests occurring at the end of the phase will not process

Inaccurate best response selection in `LLMOracleCoordinator::getBestResponse`.

`FjordAuction` incorrect `block.timestamp` check allows users to bid after calling `auctionEnd` to claim more tokens than they should

[H-01] Auction tokens will be lost forever when auction ends without bids

`Tokens` Are Automatically Whitelisted Upon Creation And Binding Even When `_whiteListEnabled == false`

The Bridging Process will revert if the Collection is matched on the destination chain and not matched on the source chain

Infinite loop breaks whitelist removal funtionality on L2

`Bridge` is unable to transfer ownership and upgrade on `ERC721Bridgeable`

`L2Bridge` is incompatible with ERC721 that returns `felt252` for strings

Starknet tokens deposited with use_withdraw_auto can never be withdrawn

Tokens irrecoverable by owner on L1 if not an `ERC721` receiver

Reentrancy attack to make an NFT unbridgeable

Upon the transfer of an escrowed NFT from the bridge to the user on StarkNet, the escrow status remains unaltered, failing to be reset

Incorrect function signatures in `_callBaseUri` break `baseURI` functionality

_disableInitializers is missing in Bridge’s constructor

function erc721Metadata returns empty base uri instead of token uris

Existed collections are not whitelisted when Bridging

`depositTriple()` will get `DOS'ed` if `atomDepositFraction` is set to zero

Changing `atomWarden` will result in losing `atomWalletInitialDepositAmount` for Created and not Deployed Atoms

Reverting when the AA Wallet is already deployed violates ERC4337

Single-step ownership transfer mechanism by `OwnableUpgradeable`

Unchecking passed value in `setAtomDepositFractionForTriple()` to feeDenominator

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Flash loan protection mechanism can be bypassed via self-liquidations

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

No incentive to liquidate small positions could result in protocol going underwater

Value of kerosene can be manipulated to force liquidate users

setUnboundedKerosineVault not called during deployment, causing reverts when querying for Kerosene value after adding it as a Kerosene vault

The Highest Bidder can steal the collateral and win the auction without paying

No Fees state makes the Auction process insolvable

Any fee claim lesser than the total `yieldFeeBalance` as unit of shares is lost and locked in the `PrizeVault` contract

Funds locked due to missing transfer check

The winner can steal claimer fees, and force him to pay for the gas

Validators can stake greater than `validatorMaxStake`

Zeta Observer nodes are not listening to `internal TXs`, which makes Smart Contract Wallets users' funds locked when making `Omnichain calls`.

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Attacker can reenter to mint all the collection supply

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

Vulnerability in burnToMint function allowing double use of NFT