`utilization` for `_getInterestRate()` does not factor in interest

Potential 99.5% loss in `emergencyWithdraw()` of two Yieldbox strategies

Funds are locked because borrowFee is not correctly implemented in BigBang

`totalCollateralShare` state variable not updated in `Singularity` market upon liquidation, resulting in an error on `addCollateral` with skim functionality

BigBang and Singularity should not pause repay() and liquidate()

TOFT `exerciseOption` fails due to not passing `msg.value` properly

In case of Loss to the Yearn Vault, the Contract will stop working until the loss is repaid

Single UniswapV3Swapper using a single fee makes it highly likely to be suboptimal

all deposit and withdraw function in Convex and Curve nativeLP Strategy, apply slippage on internal pricing; which call real-time on chain price from Curve directly and subject to MEV

Oracle Manipulation using Uniswap V3 pool that is not yet deployed

Option brokers don't handle oracle decimals correctly when calculating payment amounts

Loss of possible rewards in Curve Gauge

Multiple issues with decimal scaling will cause incorrect accounting of hTokens and underlying tokens

[M-01] Some functions in Talos contracts does not allow user to supply slippage and deadline, which may cause swap revert

USSD executes swaps without slippage protection

lack of access control on USSD.sol.mintRebalancer() and USSD.sol.burnRebalancer()

chainlink weth/usd priceFeed is using for get price of btc/usd by mistake

Chainlink's latestRoundData return stale or incorrect result

USE OF DEPRECATED CHAINLINK FUNCTION: LATESTANSWER

No check if Arbitrum L2 sequencer is down in Chainlink feeds

Incorrect `blocksPerYear` constant in `WhitepaperInterestRateModel`

Borrow rate calculation can cause VToken.accrueInterest() to revert, DoSing all major functionality

Fix utilization rate computation

malicious admin can steal user's funds by set fee to high value

need alternative ways for fund transfer in `end()` to prevent DoS

Risk of silent overflow in reserves update

Reward accounting is incorrect in BathBuddy contract

DOS of market operations with malicious offers

Zero reward rate calculation impedes low-decimals token distributions

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

DoS due to external call failure

Lack of deadline for uniswap AMM

Usage of transfer() can result in revert

Lack of price freshness check in ControllerPeggedAssetV2.sol#L299.getLatestPrice function allows a stale price to be used

Did Not Approve To Zero First Causing Certain Token Transfer To Fail - USDT

The use of the platform can be disrupted if access to Chainlink oracle data feed is blocked

Fee on transfer tokens will not behave as expected

Incorrect implementation of the ETHPoolLPFactory.sol#rotateLPTokens let user stakes ETH more than maxStakingAmountPerValidator in StakingFundsVault, and DOS the stake function in LiquidStakingManager