Oracle policy mismatch between normal operations and liquidation enables path-dependent liquidation outcomes

Deposit cap check double-subtracts reserves, enabling cap bypass and underflow aborts

Borrow ADL trigger uses global reserve debt instead of per-eMode-group debt

Rate limiter `reduce_outflow` only updates the current segment, enabling low-cost borrow-capacity griefing

`set_invocation_costs_config()` fails to authorize admin allowing anyone to set invocation costs

`twap()` under-charges for multi-period queries due to hardcoded `periods=1`

Systematic Overcharge in prices and x_prices: Fee Charged for Requested Records While Return is Capped at 20

Expiration vector length mismatch causes panic in extend_ttl() when assets are added with zero initial expiration period

`provide_liquidity` allows zero-token deposits, enabling DOS attack on pool initialization

any non whitelisted token can deposit into pda using `deposit_spl_token` and `deposit_spl_token_and_call`

Missing `sender` in signature message hash enables vulnerabilities in `handle_sol` Function