User may lose funds when creating Nexus account or executing user operations

Registry is never called when setting up modules using the `Bootstrap` contract

Installing validators with enable mode in `validateUserOp()` doesn't check `moduleType`

Missing nonce in `_getEnableModeDataHash()` allows signature replay

Protocol not fully compliant with `EIP-7579`

`Nexus.validateUserOp()` violates the EIP-4337 specification

Missing `_isInitialized(msg.sender)` check in `K1Validator.transferOwnership()`

`DrawManager.finishDraw()` might allocate more rewards than the reserve amount to draws

Use of `.transfer()` in `Requestor.withdraw()` will not work on zkSync

Draws can be retried even if a random number is available or the current draw has finished

`drawTimeoutAt()` causes the prize pool to shutdown one draw earlier

`try/catch` in `Claimer._claim()` allows users to steal gas from claimer bots

Price formula in `TpdaLiquidationPair._computePrice()` does not account for a jump in liquidatable balance

`TpdaLiquidationPair.swapExactAmountOut()` can be DOSed by a vault's mint limit

L1 re-orgs could cause `FaultDisputeGame.move()` to be executed on the wrong parent claim

Borrower has no way to update `maxTotalSupply` of `market` or close market.

`codehash` check in factory contracts does not account for non-empty addresses

Borrower can drain all funds of a sanctioned lender

Function WildcatMarketController.setAnnualInterestBips allows for values outside the factory range

`setAnnualInterestBips()` can be abused to keep a market's reserve ratio at 90%

Removing markets from `WildcatArchController` gives lenders immunity from sanctions

`create2WithStoredInitCode()` does not revert if contract deployment failed

`collectFees()` updates delinquency wrongly as `_writeState()` is called before assets are transferred

Calculation for lender withdrawals in `_applyWithdrawalBatchPayment()` should not round up

Protocol markets are incompatible with rebasing tokens

Users can `migrate()` before the first harvest to gain more shares

Attacker can leverage flashloans to steal rewards from vaults

EIP-712 typehash is incorrect in `KeeperRewards.sol` and `KeeperValidators.sol`

`enterExitQueue()` might be uncallable if the vault experiences a huge loss

Signatures can be replayed in `castVoteWithReasonAndParamsBySig()` to use up more votes than a user intended

Incorrect initialization of `SecurityCouncilMemberRemovalGovernor` contract

SecurityCouncilNomineeElectionGovernor might have to wait for more than 6 months to create election again

`SecurityCouncilMemberElectionGovernor` Owner Can Change `votingPeriod` During an Active Election

Token guardian protection doesn't account for approved operators in `approve()`

EIP-712 typehash is incorrect for several functions in `MetaTxLib`

Inconsistent encoding of arrays in `MetaTxLib`

Whitelisted profile creators could accidentally break migration for V1 profiles

Users can unfollow through `FollowNFT` contract when LensHub is paused by governance

Users cannot unfollow if they do not own the FollowNFT of the `followTokenId` used for their profile

`tryMigrate()` doesn't ensure that `followerProfileId` isn't already following

Identifying publications using its ID makes the protocol vulnerable to blockchain re-orgs

`LSP8CompatibleERC721`'s `approve()` deviates from ERC-721 specification

`LSP8Burnable` extension incorrectly inherits `LSP8IdentifiableDigitalAssetCore`

LSP8 and LSP9's ERC-165 interface ID differs from their specification

Two-step ownership transfer process in `LSP0ERC725AccountCore` can be bypassed

The owner of a `LSP0ERC725Account` can become the owner again after renouncing ownership

Permission escalation by adding the same permission twice

A previous club owner can abuse approvals to steal assets from the club's escrow

Users might lose funds as `claimERC20Prize()` doesn't revert for no-revert-on-transfer tokens

It is impossible to slash queued withdrawals that contain a malicious strategy due to a misplacement of the ++i increment

A malicious strategy can permanently DoS all currently pending withdrawals that contain it

Anyone can commit collateral on behalf of borrowers for pending bids

Anyone can claim defaulted loan's collateral on behalf of lender

Lenders can steal collateral from liquidators if no-revert-on-failure tokens are used

Protocol does not support fee-on-transfer tokens

Market owners can manipulate marketplace fee to steal principal from borrowers

Changing `lenderManager` to a new address will break `getLoanLender()`

Manipulation of total share amount might cause future depositors to lose their assets

function `restructureCapTable()` in Equity.sol not functioning as expected

Royalty recipients will not get fair share of royalties

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

An attacker can manipulate the preDepositvePrice to steal from other users.

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

DoS due to external call failure

Missing derivative limit and deposit availability checks will revert the whole `stake()` function

Unsafe casting from `uint256` to `uint16` could cause ticket prizes to become much smaller than intended

If the strategy incurs a loss the Active Pool will stop working until the shortfall is paid out entirely

Calling `repay` function sends less DOLA to `Market` contract when `forceReplenish` function is not called while it could be called

beforeTokenTransfer called with wrong parameters in LBToken._burn

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount

Variable balance token causing fund lock and loss

Founders can receive less tokens that expected

`Token:mint`: infinite loop if the founders' shares sum up to 100

Highest bid in first auction can get irretreivably stuck in the protocol

Missing upper limit definition in replaceLenderFee() of HomeFi.sol

Incorrect withdrawal requested

Bribe.sol is not meant to handle fee-on-transfer tokens

First depositor can break minting of shares

Strategists can take more rewards than they should using the function strategistBootyClaim().

Missing checks allow strategists to steal all fund via `tailOff`

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited

User's may accidentally overpay in `buyOption()` and the excess will be paid to the vault creator