Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

NFTs Get Permanently Locked in Stability Pool After Liquidation

Attackers can double voting power and veToken amount by locking and increasing

Critical Economic Design Flaw in ZENO Zero-Coupon Bond Implementation Leads to Guaranteed User Losses

`GaugeController::distributeRewards` can be called multiple times by anyone, leading to excessive reward distribution

Canceled vote still get voted on and accumulate voting power in Goverance.sol

LendingPool protocol fee is not properly handled

Lack of deadline check in forwarded request

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Native token withdrawal fails until manually approved

[Low-01] Missing Access Control in `CapitalPool::approve()` Function Allows any User to call it to set Allowance Amount `TokenContract` to `type(uint256).max`.

Forger Entities can forge more times than intended

Reallocation depends on the slot0 price, which can be manipulated.