Tokens can be stolen from GatewaySend and GatewayCrossChain

Unsafe ERC20 transfer in GatewaySend

The liquidation validation logic is wrong

Mishandling of receiving HYPE in the StakingManager , lead to user can't confirm withdrawal and inflate the exchange ratio

Missing withdrawal pause check in `confirmWithdrawal` allows bypassing withdrawal restrictions

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

Delegation Boost Not Usable by Delegatees

Gauge period cannot be updated

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Reward manipulation vulnerability in StabilityPool

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

Users can borrow more assets than they have deposited as collateral

RToken is Not Interest Bearing Due to Broken Liquidity Index Calculation

Boost Miscalculation Leads to Excess Distribution

Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic

Treasury Balance Tracking Bypass in FeeCollector

Untracked Direct Fee Transfers from RAACToken to FeeCollector Break Fee Distribution System

Ineffective Time-Weighted Average Implementation in Fee Distribution

Gauge reward system can be gamed with repeatedly stake/withdraw

Missing Vote Frequency Control in GaugeController

`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function

Incorrect Return Values and Double Scaling in `RToken.burn` Function Leads to Denial of Service

LendingPool deposits do not work with CurveVault due to lack of funds

Multiple Critical Calculation And Logic Errors in `RToken::mint/burn` Function

There is no logic checking for RAACNFT price staleness before minting it

Emergency Withdrawal Remains Active After Cancellation

Time-skew Attack in RWAGauge Weight Calculations Through Precision Gaming

Multiple Token Management Lets Withdraw a Token Different than Deposited Token

Cordinated group of attacker can artificially lower quorum threshold during active proposals forcing malicious proposals to pass without true majority support.

Incorrect boost calculation in `BoostController#_calculateBoost()` can be exploited to gain an unfair advantage in reward distribution

balanceOf(address(this)) in StabilityPool causes reward distribution to be higher than it should be

Users Cannot Remove Their Own Boost Delegation, Causing Potential Lock-In

Missing Controller Functions in GaugeController

Emergency withdraw functionality in veRAACToken takes longer than expected

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

Insufficient ETH Forwarding in Governance Execution Mechanism Causes Proposal Failures

Missing Validation for Minimum Vote Weight in `vote` Function

BoostController Bypasses Boost State Tracking System

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

`generateOrderId` generates duplicate order IDs

Funds in `OracleLess.sol` can be drained

`offer.maxDeadline` is used instead of `extendedTime` when calculating the fee

Incorrect calculation of `extendedTime`

Lack of Validation for `tierConfigs[i].minted` Value in New Tiers During DAO Membership Update

No enforcement of max members for sponsored DAO allows more users to join crossing the max cap

Exposed `_removeCredIdPerAddress` & `_addCredIdPerAddress` allows anyone to cause issues to current holders as well as upcoming ones