Allocation per user is incorrectly calculated in "updateParticipation()"

Users can force auctions to fail by redeeming large amounts right before auction ends

Blocklisted bidder can force auction to fail

Incorrect event emitted in `setUpdateWeightRunnerAddress()` function

User can withdraw part of order funds after order was executed

Pseudo-random `orderId` allows to drain protocol

Malicious order executor can completely dran protocol

ETH will be sent to wrong address during liquidation

Lack of access control in `executeSetterFunction()`

Excess ETH sent during liquidation will be stuck forever

User's funds are not transfered during liquidation

Wrong calculation of entry fees leads to overpayment of fees

Wrong calculation of marketFunds leads to losses for other markets.

Lack of slippage protection fot ETH spend/received in ReputationMarket.sol

NFT will be locked in buyOrder

Incentives will not be updated in updateFunds() function

Previous owner can steal unclaimed bribes from new owner of veNFTVault

Protocol does not work with fee-on-transfer tokens

Repayment will revert due to wrong balance mismatch check

Anyone can break accounting of rewards from Convex

StrategyPassiveManagerVelodrome does not take into account unharvested fees

`Keepers` does not implement EIP712 correctly on multiple occasions

`maxDeposit`, `maxMint`, `maxWithdraw`, and `maxRedeem` functions do not return 0 when they should

Anyone can steal pool shares from lender group if no-revert-on-failure tokens are used

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

Highest bidder can cancel his bid

Missing zero amount check may lead to loss of funds

All claimed rewards will be lost for the users using the account abstraction wallet

Incorrect removal of a council member

Missing deadline check allow pending transactions to be maliciously executed