Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Staking ETH incorrectly assumes revert bubbling

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

Fragmentation fee is not taken if user compensates with newly created position

Borrower is not able to compensate his lenders if he is underwater

`executeBuyCreditMarket` returns the wrong amount of cash and overestimates the amount that needs to be checked in the variable pool

Multicall does not work as intended

LiquidateWithReplacement does not charge swap fees on the borrower

withdraw() users may can't withdraw underlyingBorrowToken properly

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Kerosene collateral is not being moved on liquidation, exposing liquidators to loss

User can get their Kerosene stuck because of an invalid check on withdraw

Flash loan protection mechanism can be bypassed via self-liquidations

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

Liquidating positions with bounded Kerosen could be unprofitable for liquidators

Incorrect deployment / missing contract will break functionality

No incentive to liquidate when CR <= 1 as asset received < dyad burned

Owner of a position can prevent liquidation due to the 'onERC721Received' callback

V3Vault is not ERC-4626 compliant

Lack of safety buffer in `_checkLoanIsHealthy` could subject users who take out the max loan into a forced liquidation

Due to interest rates update method, Interest-Free Loans are possible and the Cost of DoS are reduced