Treasury Balance Tracking Bypass in FeeCollector

Missing Vote Frequency Control in GaugeController

Incorrect Return Values and Double Scaling in `RToken.burn` Function Leads to Denial of Service

Users Can Lose Funds and Collateral by Repaying Loans After Liquidation Grace Period Expiry

Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check

There is no logic checking for RAACNFT price staleness before minting it

Liquidations are enabled when repayments are disabled, causing borrowers to lose funds without a chance to repay

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

Missing Liquidity Rebalancing in Repayments and Liquidations Leading to Inefficient Liquidity Management

Insufficient ETH Forwarding in Governance Execution Mechanism Causes Proposal Failures

Lack of incentives for users to call LendingPool::initiateLiquidation allows extensive delay between when health factor dropped below threshold and when grace period starts

`collateralLiquidated` value is always 0 when emitted in the `LiquidationFinalized` event

Boost delegation can be removed even if the BoostController is paused, updating the pool's boost accounting

Incorrect sequence of AaveDIVAWrapper constructor parameters

Removed vaults still remain valid in `OperatorVCS`

There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback` function

`ChakraSettlement.receive_cross_chain_msg` and `ChakraSettlement.receive_cross_chain_callback` functions do not ensure that receiving `ChakraSettlement` contract's `contract_chain_name` must match `to_chain` corresponding to respective `txid` input though

In Starknet already processed messages can be re-submitted and by anyone

A cross-chain message can be initiated with invalid parameters

Settlement contract is mistakenly used for the handler contract when assigning ReceivedCrossChainTx struct

Does not check if to_chain and to_handler is whitelisted in cross_chain_erc20_settlement

Exposed `_removeCredIdPerAddress` & `_addCredIdPerAddress` allows anyone to cause issues to current holders as well as upcoming ones

Refunds sent to incorrect addresses in certain cases

`mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` Contract Will Fail Due to a Wrong Modifier Used in `EntropyGenerator.initializeAlphaIndices()`

The maximum number of generations is infinite

Wrong minting logic based on total token count across generations

Pause and unpause functions are inaccessible

Duplicate NFT generation via repeated forging with the same parent

Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`

Missing disapproval check in `LockManager.sol::approveUSDPrice` allows simultaneous approval and disapproval of a price proposal