`SettlementBranch._fillOrder` does not guarantee the collateral of a position is enough to pay the future liquidation fee.

Insufficient checks to confirm the correct status of the sequencerUptimeFeed

Missing calls to `_updateTokenInRegistry` leads to incorrect state of tokens in registry

Camelot and Aerodrome Connector TVL susceptible to manipulation attack

Using the same heartbeat for multiple price feeds

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

No incentive to liquidate small positions could result in protocol going underwater

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Missing deadline check allow pending transactions to be maliciously executed

Fees are hardcoded to 3000 in ExactInputSingleParams

`costInEuros` calculation will incur precision loss due to division before multiplication

Anyone with TST tokens can monitor the mempool and frontrun mint/burn functions to get EUROs rewards without even staking.

Incorrect function call in LybraRETHVault's getAssetPrice

Branch Strategies lose yield due to wrong implementation of time limit in BranchPort.sol

Wrong consideration of blockformation period causes incorrect votingPeriod and votingDelay calculations

[M-01] Some functions in Talos contracts does not allow user to supply slippage and deadline, which may cause swap revert

RestakeToken function is not permissionless

_calculateMaxBorrowCollateral will return the wrong ltv if eMode is enabled

Chainlink latestanswer is deprecated

Exchange Rate can be manipulated

weird erc20 tokens will not work properly with erc20 prizes

Risk of silent overflow in reserves update

An attacker can manipulate the preDepositvePrice to steal from other users.

Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol

Stuck ether when use function `stake` with empty `derivatives`(`derivativeCount` = 0)

A user can manipulate Loantoken balance to manipulate shares in a grieving attack

A malicious User can steal the funds of others with TransferFrom

Admin removing rewardtoken issues no warning to users

Bad implementation in minter access control for `RabbitHoleReceipt` and `RabbitHoleTickets` contracts