Cross-Chain Repayment Incorrectly Clears Same-Chain Debt

Missing Withdrawal Function for Protocol Rewards

Incorrect Invariant Prevents Multi-Chain Cross-Chain Borrowing

Cross-Chain Liquidation Validity Check Uses Wrong Parameters

Cross-Chain Collateral Can Back Multiple Independent Borrows Leading to Over-Leveraging

Cross-Chain Borrow Records Store Inverted srcEid/destEid Values

Cross-Chain Liquidation Success Handler Uses Invalid Search Parameters

Incorrect User Asset Tracking Cleanup in Cross-Chain Repayment

Missing Interest Accrual Before Exchange Rate Calculation in Supply Function

Permanent Reward Token Lockup Through Malicious Reward Period Extension Attack

Incorrect User Token Update in updateParticipation Function

Market Rate Check Inconsistency Between Documentation and Implementation for LevETH Redemption

Auction Griefing via Blacklisted Token Transfers in removeExcessBids

Auction DOS Through Pool Sale Limit Manipulation

Incorrect Stale Data Validation in `currentValue` Function

Lack of Input Validation in `redeemUSDT` Function

Inability to Withdraw Interest from `totalInterestFromLiquidation`

Incorrect `State` Update for `from` Address in `transferFrom`

Missing Update to `omnichain.totalAvailableLiquidationAmount` in `withdrawUser`

Vulnerability to Replay Attack Due to Improper Signature Validation

Inconsistent MarketFunds Tracking in `ReputationMarket::buyVotes` Leads to Potential Break of the protocol

Frontrunning Vulnerability in claim Function

Use of `tx.origin` Allows Malicious Contracts to Execute Unauthorized Actions

Irreversible State Change Due to Incorrect Parameters in Cross-Chain Winner Propagation

Potential for Locked ETH in the `WinnablesTicketManager`