Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Auction winner can prevent payments via `safeTransferFrom` callback

Admin can't burn tokens from blocklisted addresses because of a check in _beforeTokenTransfer

repayLoan can be DOSSed

Anyone can roll a loan

Not setting an init value of lastEpochClaimed[msg.sender] could lead to OOG

Incorrect function flow when using DirectBuyIssuer to fill order.

User won't receive vusd when withdrawing if balance vusd of InsuranceFund == 0

Transferring supported pool tokens while totalsupply == 0 will break `despositFor` for the next user

Missing stale price check from Chainlink oracle

Missing sequencer check for ARB network in `PriceOracle.sol`

_mint and _burn are open to the public

`UniV3SwapInput` doesn't implement a deadline

ethOracle address set to 0

Chainlink returned price not checked

Fee on transfer tokens will break withdrawal of collateral

Reward accounting is incorrect in BathBuddy contract

Some offers can't be cancelled

Insufficient Chainlink feed validation

Frontrun attack possible with Pool.approve

Due to incorrect way of tracking rewards by LP's an attacker can receive an unfair share of yield accumulated in MainVault.sol