Missing canonical Uniswap V3 pool verification allows arbitrary token theft from the diamond via malicious pool

ViewWalker misroutes unpaid X to Y breaking `queryAssetBalances` correctness

NFTManager `burnAsset` always triggers JIT penalty on removal

Attacker can spoof ControlTower in migrateFrom to steal user collateral

FULL_RESTRICTED user can bypass staking restriction by depositing to different receiver

Factory gauge controller can only be set to zero address due to assert logic error

Rebalancer can steal all funds through EverclearBridge

MixedPriceOracleV4 decimal mismatch breaks oracle redundancy system

`WrapAndSupply` fails to forward ETH for gas fees breaking the cross-chain functionality

Blacklisted users can withdraw funds via delegates bypassing blacklist enforcement

DoS on window rollover can block liquidity rebalancing

EverclearBridge never pulls tokens from Rebalancer causing complete rebalancing DoS

Unbounded loop in PersistentSet allows any user to cause permanent DoS on core view functions

Unregistered operators retain voting power through registered vaults causing inconsistent state

State Inconsistency in OperatorsWhitelist allows bypassing access control

Flawed authorization logic in `claimRefund` allows theft of non-EVM refunds

System will prevent valid Cross-Chain Liquidations due to Irrelevant Check in `_checkLiquidationValid`

System will understate liabilities for Borrowers leading to Protocol Insolvency by bad condition in `borrowWithIntest`

Incorrect LToken Accounting in `CoreRouter.supply()` can lead to discrepancy in User's favor

User can drain value from Protocol/LPs by receiving excess shares during swaps into appreciating ERC4626 vaults