Old router retains token allowance after update

Rounding error in stepDuration calculations.

Minting zero tokens when underlyingToken is not Ether in cashIn()

Since the cost of launching a new pool is minimal, an attacker can maliciously consume VirtualTokens.

wrong use of `initializer` modifier in `MasterAMO.sol` will cause `V2AMO.sol` and `V3AMO.sol` to revert when the `function initialize` is called

Single plot can be occupied by multiple renters

Typehash for ModuleEnableMode struct is incorrect

`IG.sol` mint and burn functions are vulnerable to DOS attack

Not Update Rewards in `handleIncomingUpdate` Function of `SDLPoolPrimary` Leads to Incorrect Reward Calculations

Attacker can exploit lock update logic on secondary chains to increase the amount of rewards sent to a specific secondary chain

Insufficient Gas Limit Specification for Cross-Chain Transfers in _buildCCIPMessage() method. WrappedTokenBridge.sol #210

Lender contract can be drained by re-entrancy in `setPool`

Zero address leads to transaction reverts

Use of magic numbers

For the borrow(), repay() & startAuction() functions in Lender.sol the public visibility modifiers should be changed to external, to help optimize gas usage

Don't initialize `uint/int` variables with default value

Arbitrary transactions possible due to insufficient signature validation