Invalid update of checkpointIndex

Anyone steals hook fees via spot price manipulation

Listing creator can manipulate the unlock price

Loss of native tokens due to direct transfer to hooks contracy

DoS on swaps from native token to collateral token

The `setTokenURIAndMintFromRiftAbove` function updates the token URI but does not emit the required URI event

Invalid collection referrer leading to his loss

The user can avoid paying fees for minting tokens

Malicious collection referrer can brick edition

Message digest does not include the type of operation

The `mintBatch` function with multiple tokenIds always reverts

The `_refundExcess` function does not work as whole `msg.value` is forwarder to `FeeManager`

Updated strategy is not reflected in royalty

Lack of protection from signature malleability

[M]

Unprotected `executeModule` function allows to steal the tokens

OFT can be impersonated through `_lzCompose` with multiple compose messages

Nesting remote transfer messages to steal tokens

Unverified `_srcChainSender` parameter allows to impersonate the sender

Front-running with a reduced number of validators to deallocate from another operator

DoS and locked funds caused by lack of epoch increment during EigenLayer settlement

The current idea of ​​creating reETH and accepting several different assets in it exposes RIO users to losses