Unspent allowances will permanently dos various protocol operations

PythOracle will rejects non-stale values

Withdrawal signatures have no deadline or nonce and can be replayed

Various use of standard IERC20 approval interface which will fail for certain token types.

`proposalId` is incorrectly hashed, which will lead to signatures failing for EIP-712 compliant signers.

Incentives contracts are initialized by BoostCore, which is missing implementations of certain functions

Protocol doesn't account for tokens that charge fee on transfer, rebasing or similar token types

ERC721Bridgable.sol cannot receive ETH so users cannot claim ETH royalties

Lack of support for fee on transfer, rebasing and tokens with balance modifications outside of transfers.

Improperly hardcoded slippage parameters will lead to sandwich attacks

First LP provider of stable pair can DOS the pool

Functions requiring signatures will fail for EIP712 signers

Interest rates keep rising when underlying stablecoin gets paused

Stablecoin blocklist feature is ineffective

Functions depending on `_update` might not work due to overflow protection

Restricted admin privileges

Mint and sales can be dossed due to lack of safeApprove to 0

Possible accounting issues when calculating pool prices.

No check for active L2 Sequencer

Lowering the gauge weight can disrupt accounting, potentially leading to both excessive fund distribution and a loss of funds.