Denial of Service in Native Token Redemption

Signature Replay Vulnerability in Multi-Signature Scheme

Mismatch in Deposit Request Handling and Claim Eligibility in DepositQueue

Logical Error in Transfer Whitelist Check Leading to Unintended Restrictions

Incorrect Indexing Leads to Locked Funds and State Corruption in `cancelDepositRequest`

Incompatible ETH Handling: A Critical Barrier to Curve Pool Staking in CurveConvex2Token

Title: Critical Vulnerability: Stuck Funds in EthenaCooldownHolder due to Zero Cooldown Duration Handling

DoS Vulnerability in Get Key Functions

ZRC20 Mismatch in withdrawToNativeChain Enables Arbitrary Token Theft via Crafted Swap Message

`decoded.targetZRC20` Trust Issue Enables Unauthorized Token Withdrawal

Incorrect Fee Deduction During Swap in `onCall` Function

ETH Cannot Be Used as `fromToken` Due to `approve` Call

Fee Deduction Does Not Reflect in `msg.value`, Causes Overdraw or Incorrect Swap for ETH

Fake UniswapV2 Pool Detection Allows DoS via Crafted Token Transfers

Unauthorized Withdrawal via Exposed withdraw Function Leads to Token Theft and Denial of Refund

Swap Slippage Not Enforced — Front-Running Enables Excessive Token Consumption

Strict ERC20 Interface Causes Transfer Failures with Non-Compliant Tokens

Incorrect Tier Boundary Update on Staker Count Change Causes APY Miscalculation

Tier History Griefing: Unbounded Tier Events Cause DoS Risk on calculateUnclaimedInterest

Incorrect Variable Used for Tax Calculation in removeValueSingle function

Double Tax Deduction and Vault Under-withdrawal in Closure.removeValueSingle

Unauthorized Token Drain via payWithERC20 Due to Unrestricted External Calls

Unverified Worker Can Lock Deployment Process in BlueprintCore

Signature Replay Attack in updateWorkerDeploymentConfigWithSig Allows Unauthorized Fund Draining

Unintended Constraint on _resetVestingPlans Leading to DoS

Unauthorized Updates to `downsideProtected` Causing Reverts and Incorrect Calculations

Incorrect Deduction of update of total cds deposited Amounts During CDS Withdrawal Process

Missing `lastEventTime` Update in Borrowing Liquidation Function Leads to Stale Cumulative Rate Calculations

Mismanagement of Treasury Interest in treasury `withdrawInterest` Function

Mismanagement of `usdaGainedFromLiquidation` During Liquidation

Exchange Rate Fluctuation Causing Reverts in CDS `Withdraw` for `weETH`and `rsETH`

Underflow Risk in `cdsProfits` Calculation Due to Borrower Debt Growth in the borrowing `liquidate` function

Unused `cdsDepositDetails.lockingPeriod` Variable

Stale `lastCumulativeRate` Used in Borrower Deposit and Borrower Withdrawal Calculations

Incorrect Sequence in `calculateCumulativeRate` Call During borrowing Withdrawal

Mismanagement of `omniChainData.totalVolumeOfBorrowersAmountinWei` Leads to Inaccurate Calculations Across the Protocol

Inaccurate marketFunds Updates in ReputationMarket Contract

NFT Lock-In Vulnerability in BuyOrder Contract