`OUSGInstantManager` will allow Excessive OUSG Token Minting During USDC Depeg Event

Admin can't burn tokens from blocklisted addresses because of a check in _beforeTokenTransfer

The `BURNER` cannot burn tokens from accounts not KYC verified due to the check in `_beforeTokenTransfer`.

Owner of a position can prevent liquidation due to the 'onERC721Received' callback

Users can lend and borrow above allowed limitations

An attacker can easily bypass the collateral value limit factor checks

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

First depositor can break staking-rewards accounting

Attacker Can Inflate LP Position Value To Create a Bad Debt Loan

Wrong Sablier contract is being called in `_retrieve()`

Wrong array indices are being used to topUp the staking contracts

Burning the CouncilMember token will break the contract

The CouncilMember contract will be completely broken because the Sablier stream reverts when withdrawing 0 amounts

The TWAP interval is too short which makes manipulating the price easier

The userGaugeProfitIndex is not set correctly, allowing an attacker to receive rewards without waiting

Re-triggering the `canOffboard[term]` flag to bypass the DAO vote of the lending term offboarding mechanism

Malicious borrower can decrease Guild holders reward

ETHCrowdfundBase.sol#processContribution - Impossible to finalize crowdfund because of minContribution check

Some arbitrary proposal calls will fail because executeProposal() in ProposalExecutionEngine is not payable

Soft Restricted Staker Role can withdraw stUSDe for USDe

``FULL_RESTRICTED`` Stakers can bypass restriction through approvals

Unable to retrieve price information with CamelotRelayer contract

Test addresses and incorrect interface in code prevent integration with UniswapV3 and Camelot

Due to extremely short `votingDelay` and `votingPeriod`, governance is practically impossible.

`ODSafeManager#allowSAFE()` cannot be executed either by the proxy contract or any other address.

If RootBridgeAgent.lzReceiveNonBlocking reverts internally, the native token sent by relayer to RootBridgeAgent is left in RootBridgeAgent

The governance will fail to add an ecosystem token if someone creates a hToken that uses that ecosystem token

The registry is set to a wrong address in the Anchor constructor.

The voiceCredits of the allocator are not updated when he allocates his voice credits

The QV strategy does not accept ether

Fee on transfer tokens can cause problems when distributing funds

Allocator voiceCreditsCastToRecipient is incremented by the totalCredits instead of the new credits

`OUSGInstantManager` will allow Excessive OUSG Token Minting During USDC Depeg Event

Admin can't burn tokens from blocklisted addresses because of a check in _beforeTokenTransfer

The `BURNER` cannot burn tokens from accounts not KYC verified due to the check in `_beforeTokenTransfer`.

Users will fail to close their Convex position if the Curve pool is killed

`rngComplete` function should only be called by `rngAuctionRelayer`

Use Openzeppelin Minimal Clones to Save a Lot of Gas

Use nested `if` statements instead of logical AND (`&&`)

Events may be emitted out of order due to reentrancy

There is a vulnerability in the executeFlashloan function of the PeUSDMainnet contract. Hackers can use this vulnerability to burn other people's eUSD token balance without permission

Incorrect function call in LybraRETHVault's getAssetPrice

Missing checks for whether L2 Sequencer is active

function `restructureCapTable()` in Equity.sol not functioning as expected

User can possess less value than before when `V2Migrator.migrate` function is called to give up bathTokenV1 tokens and hold bathTokenV2 tokens