improper Use of `initializer` Modifier in Symmetric Vesting Contract.

Reward Dilution Exploit Due to Continuous Incentive Addition in Staking Contract

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Adversary can win proposals with voting power as low as 4%

An attacker could potentially drain the entire pool balance, including all user funds, from the `OracleLess` contract.

Missing Validation of recipient in `createOrder` Allows Attacker to back-Run Approvals, Resulting in Slippage Manipulation and Complete Fund Loss

Order ID Collision in `Bracket.sol` Contract Leads to Overwriting of Bracket Orders

Improper Stale Price Validation in `PythOracle` Contract Valid Data

Incorrect Take-Profit Logic in `checkInRange` for direction = true

Incorrect Fee Calculation in withdraw Leads to Undercharging and Mismanagement of $.totalDeposits

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

Forger Entities can forge more times than intended

Pause and unpause functions are inaccessible

`Golden God` Tokens can be minted twice per generation

Vulnerability in Access Control Allows Blacklisted Users to Revoke Blacklist Role

`AccountingManager#totalWithdrawnAmount` should reflect tokens actually transferred to users, instead of expected transfers

Withdrawals in AccountManager are prone to DOS attacks.

First depositor can make subsequent depositor lose all of her or his deposit

`AccountingManager` contract's `previewDeposit`, `previewMint`, `previewWithdraw`, and `previewRedeem` functions are not compliant with EIP-4626 standard

`depositQueue.queue` in `AccountingManager` can be flooded causing a DoS

Title: Failure to Update Edge Acknowledgment Status in Storage

Title: Inadequate Allowance Handling in OCL locker `OCL_ZVE:pushToLockerMulti`Function

Title: Inadequate Allowance Handling in convertAndForward Function of `OCT_DAO` & `OCT_YDL`.

Missing Implementation of Permit Function in Contract

Inconsistent Parameter Passing in Token Swapping Functions