The relation between the safe collateral ratio and the bad collateral ratio for the PeUSD vaults is not enforced correctly

It is possible to manipulate WETH/LBR pair to claim reward of the users which shouldn't be claimed

Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called

`stakerewardV2pool.withdraw()` should check the user's boost lock status.

Allowing `refreshReward()` to fail during minting or buring esLBR could result in gain or loss previously earned reward

Impossibility to change `safeCollateralRatio`

Delegation rewards are not counted toward granting fund

Risk of silent overflow in reserves update

The `royaltyRecipient` could not be prepare to receive ether, making the `sell` to fail

Malicious royalty recipient can steal excess eth from buy orders

Staking rewards can be drained

DOS any Staking contract with Arithmetic Overflow

Bad implementation in minter access control for `RabbitHoleReceipt` and `RabbitHoleTickets` contracts

User may loose rewards if the receipt is minted after quest end time

Create a short call order with non empty floor makes the option impossible to exercise and withdraw

Putty position tokens may be minted to non ERC721 receivers

Malicious Token Contracts May Lead To Locking Orders

Accumulated ETH fees of InfinityExchange cannot be retrieved

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

IndexLogic: An attacker can mint tokens for himself using assets deposited by other users

Index managers can rug user funds

NFTHelper Contract Allows Owner to Burn NFTs

Anyone can get swaps for free given certain conditions in `swap`.