Missing `self.claimed` update in `InflationaryVest.vy` allows double claim

Utilization Multiplier is Imprecisely Calculated In Some Situations

Arbitrary Parties Can Dilute the Staking Rewards Due to a Missing Access Control

Incorrect Mathematical Logic

BondingTax has invalid slippage implementation

Imprecise calculations in launchFor() lead to less liquidity be added to the pair via the router

FeeCollector stakeholders may receive less fee distribution due to unnecessarily precision loss

Interest Rate Model Uses Prime Rate Instead of Optimal Rate at Optimal Utilization

Paused Protocol Prevents Critical Functions Including Debt Repayment and Liquidations

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

If the Rtoken Contract is minted with 0 amount, an invalid value is returned.

The Imprecise Calculation of the Redeem Rate Results in the Final Amount Being Lower than the Actual Value

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Order ID Collision in `OracleLess.sol` Contract Due to Wrong Sender Address for the Order ID Generation

Minting zero tokens when underlyingToken is not Ether in cashIn()

Pause and unpause functions are inaccessible

Imprecise token age calculation results in an incorrect nuke factor, causing users to claim the wrong amount

The `indexed` Keyword in Events Causes Data Loss for String Variables

The `indexed` Keyword in Events Causes Data Loss for Variables of type `bytes`

Claimable gauge distributions are locked when `killGaugeTotally()` is called in the Voter

DOS Attack by Delegating Tokens at `MAX_DELEGATES = 1024`

The first liquidity provider of a stable pair can DOS the pool

`indexed` Keyword in Events Causes Data Loss for Dynamic Array Variables

Wrong event is emitted when upgrading the token exclusion manager inside the PortfolioFactory contract

`indexed` Keyword in Events Causes Data Loss for Dynamic Array Variables

Wrong collection referrer set in `_splitProtocolFee()` leads to wrong and unhandled token distribution

Less base tokens are transferred when selling quote tokens due to the precision loss that occurred in `_GeneralIntegrate()`

Lack of sensitivity for diversity between the spot price and safe price inside `verifyLSTPriceGap()` function due to rounding error

Precision loss in the calculation of the fee amounts and fee shares inside the `_preparePool` function of the MainHelper contract

Improper precision of strike price calculation can result in broken protocol

A malicious early depositor can manipulate the `LP-Token` price per share to take an unfair share of future user deposits

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

Division before multiplication truncate minOut and incurs heavy precision loss and result in insufficient slippage protection

Destruction of the `SmartAccount` implementation

Users may not be able to redeem their shares due to underflow

Protocol safeguards for time durations are skewed by a factor of 7. Protocol may potentially lock NFT for period of 7 years.

Unsafe downcasting operation truncate user's input

Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack