No greater `timestamps` check in `RedstoneCoreOracle`

Incomplete pool isolation when a position encounters bad debt

`liquidationFee` changes could affect liquidators

Deposits can be broken on first deposit

Users can still deposit in the SuperPool when it's paused

Governance voting doesn't take veMento stopped into account

`rewardsManager.depositBatch()` may revert because of precision loss resulting in DOS of auctions

`updateFounders()` doesn't update founders's allocations properly

`repay()` is prone to sandwich attacks

Borrower cannot `repay()` if lender burns its NFT

`computePoolAddress()` will not work on ZkSync Era

Wrong `accLoanRatePerSeconds` in `repay()` can lead to underflow

No deadline and slippage check on `takeOverDebt()` can lead to unexpected results

Wrong check in `repay()` makes borrower loose its `dailyCollateral` if closing position quickly after opening it.

No access control on `setPoolActive()` can result last minute change of proposal bid

Allocators can vote infinitely in QVSimpleStrategy

Check in `_distribute()` might revert even tho there is enough funds to pay

Cannot register recipient if `useRegistryAnchor` is set to `true` in RFPSimpleStrategy

Wrong accounting of `voiceCreditsCastToRecipient` in QVBaseStrategy

The peg stability module can be compromised by forcing lowerDepeg to revert.

Users can get immediate profit when deposit and redeem in `PerpetualAtlanticVaultLP`

`UniV3LiquidityAMO::recoverERC721` will cause `ERC721` tokens to be permanently locked in `rdpxV2Core`

The RdpxV2Core contract allows anyone to call redeem tokens even if the contract is paused.

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol