Flawed Token Minting Calculation in `supply` Function

Flawed State Cleanup Logic in `_updateRepaymentState`

Erroneous Liquidity Validation in Borrow Function

Unprotected Deployment Request Submission Enables Unauthorized Worker Hijacking

Improper Reward Distribution: Period Extension vs Rate Adjustment

Incorrect Token Allocation Update in `updateParticipation`

Wrong refundExecutionFee in _handleReturn

Loss of fee refund due to premature state deletion in `PerpetualVault::_handleReturn` function

Incorrect Token Price Validation in KeeperProxy

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

Boost Miscalculation Leads to Excess Distribution

Lack of Access Control in BoostController::updateUserBoost Leading to Unauthorized Delegation Overwrite.

`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function

`RToken::calculateDustAmount` are incorrectly calculated, leading to not be able to transfer the accrued dust amount

Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

RAACToken burns less tokens than expected when feeCollector is unset

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

Missing Update of `lastUpdateTime` in `updatePeriod()

Missing Predecessor Check in `executeEmergencyAction()` function

Liquidity rate calculation applies protocol fee as a discount instead of charging it in ReserveLibrary

Irreversible emission cap reduction in BaseGauge

Unauthorized Vote Casting Vulnerability

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

`_distributeToGauges` is venerable to outOfGas

Incorrect Values Returned in ReserveLibrary `withdraw` Function

Missing Check for Gauge Activation Status in vote :: GaugeController.sol

Inconsistent time boundary check in `Governance::state` and `Governanane::castVote`

Improper Handling of Predecessor Dependencies in Batch Scheduling and Execution

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Fee Evasion via LP Token Transfer Resets Deposit Value

Critical Precision Loss in MultiHopOracle Price Calculations

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Incorrect referral fee calculations

Pyth Oracle will accept stale price data

Minting zero tokens when underlyingToken is not Ether in cashIn()

Funds Tracking Vulnerability in Market Funds Calculation

Malicious actors will steal tokens from KYC users through front-running