Any user can delay staking rewards for tokens with low decimals with little cost

Incorrect repayment calculation when withdrawing and the borrowed token is `token1`

`Leverager::deposit`, does not support multi-hop swaps with `exactOutput`

`Strategy::mainPosition` will never be 50/50 when tick spacing is 1

MergeTgt has no handling if TGT_TO_EXCHANGE is exceeded during the exchange period

The user can send tokens to any address by using two bridge transfers, even when transfers are restricted.

Improper Transfer Restrictions on Non-Bridged Tokens Due to Boolean Bridged Token Tracking, Allowing a DoS Attack Vector

Cross-Chain Signature Replay Attack Due to User-Supplied `domainSeparator` and Missing Deadline Check

`marketRate` should not apply when redeeming leverage tokens and collateral ratio is above the minimum

Incorrect decimals in `BondOracleAdapter` will cause it to return incorrect `marketRate`

Malicious user can leverage flash loans to claim all coupon rewards

Auction will not be able to pull reserve tokens, due to updating the period after deploying the auction

Insufficient fee tracking mechanism might cause the protocol to claim more/less fees.

`sharesPerToken` still gets snapshotted even if the respective auction failed to sell off the reserve tokens

Tokens might get stuck in `BalancerRouter` if `BalancerRouter::joinBalancerAndPredeposit` amount exceeds the reserve cap

Due to rounding down in `Auction::slotSize` the auction might not be able to sell, even if all of the slots get filled

`Auction::endAuction` might pull some of the unclaimed fees

`SecondSwap_Marketplace` vesting listing order affects how much the vesting buyers can claim at a given step

LamboFactory can be permanently DoS-ed due to createPair call reversal

Minting zero tokens when underlyingToken is not Ether in cashIn()

`Flashlender.sol#flashLoan()` should use `mintProfit()` to mint fees. The current implemetation may lead to locked up WETH in PoolV3.

Malicious actor can abuse the minimum shares check in `StakingLPEth` and cause DoS or locked funds for the last user that withdraws

`PendleLPOracle::_fetchAndValidate` uses Chainlink's deprecated `answeredInRound`

`PositionAction4626::increaseLever` will always revert

Possible DoS When calling `GammaTradeMarket::_removePosition` will cause user position to not be able to get liquidated

Chainlink's `latestRoundData` might return stale or incorrect results

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

Attacker can increase the length of `withdrawQueue` by withdrawing 0 amount of tokens frequently

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

No incentive to liquidate small positions could result in protocol going underwater