Duplicate tranche tracking enables share-price inflation and owner withdrawal abuse.

Missing tranche update in extendDeposit causes underpriced shares.

Uniswap V3 liquidity operations lack slippage protection

Oracle APY sanity check weakens over time and stops protecting against price manipulation

Removing a reward token doesn’t reset state and later re-adding lets late stakers steal historical rewards

Malicious callers can throttle USDC/USDT/WBTC rewards by spamming getRewardFor.

Same heartbeat for multiple price feeds is vulnerable

#Collateral level Inflation vulnerability

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`