Global Variable Manipulation During Active Draw Alters End Result

staking or unstaking before SuperDCAStaking::accrueReward is called will cause rewards tokens not to be minted

Old router retains token allowance after update

Rounding error in stepDuration calculations.

Minting zero tokens when underlyingToken is not Ether in cashIn()

Since the cost of launching a new pool is minimal, an attacker can maliciously consume VirtualTokens.

wrong use of `initializer` modifier in `MasterAMO.sol` will cause `V2AMO.sol` and `V3AMO.sol` to revert when the `function initialize` is called

Single plot can be occupied by multiple renters

Typehash for ModuleEnableMode struct is incorrect

`IG.sol` mint and burn functions are vulnerable to DOS attack

Not Update Rewards in `handleIncomingUpdate` Function of `SDLPoolPrimary` Leads to Incorrect Reward Calculations

Attacker can exploit lock update logic on secondary chains to increase the amount of rewards sent to a specific secondary chain

Insufficient Gas Limit Specification for Cross-Chain Transfers in _buildCCIPMessage() method. WrappedTokenBridge.sol #210

Lender contract can be drained by re-entrancy in `setPool`

Zero address leads to transaction reverts

Use of magic numbers

For the borrow(), repay() & startAuction() functions in Lender.sol the public visibility modifiers should be changed to external, to help optimize gas usage

Don't initialize `uint/int` variables with default value

Arbitrary transactions possible due to insufficient signature validation