In reality borrowers will not receive Downside Protection in `BorrowLib::withdraw`

Strike Price Not Validated Against Strike Percent, Leading to Exploitation Risk

`CDS::redeemUSDT` is vulnerable to input price manipulation attack, leading attacker to drain USDT from treasury.

DoS in core functionality of the CDS contract due to `CDS::updateDownsideProtected` getting set to arbitrarily large value by a malicious user.

Incorrect check in `BorrowLib::getOptionFeesToPay` will never revert the `renewOptions` flow for borrowers, causing a negative impact on the protocol.

Borrowers will enjoy the downside protection in `borrowing::withDraw` even after their position's options maturity expires.

User will not recive any USDa token in `borrowing::redeemYields`

Liquidation type 1 is prone to underflow Revert DoS.

Underflow revert in `liquidationType1` due to `borrowerDebt` amount being more than the amount of collateral asset deposited.

`Borrowing::_withdraw` updating `lastEventTime` even before calling `calculateCumulativeRate()` which will lead to incorrect calculations and update `lastCumulativeRate`

DoS in Liquidation type 2

Inflated Position Sizing Due to Miscalculation in `sizeDelta` Parameter in `BorrowingLiquidation::liquidationType2`

Denial of service for `ManagedBudged::allocate` when asset token type is `AssetType.ERC20` "Fee on Transfer" token.

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

`Locking::withdraw` & `Locking::getAvailableForWithdraw` , Users can withdraw their entire locked MENTO token and still retain veMENTO tokens, which they can use to cast votes.