Missing token pair validation in `decreaseLiquidity` allows burning `stNXM` incorrectly

Missing pool validation in `stakeNxm` allows fund theft via malicious pool

Price manipulation via `Uniswap` V3 Position Token ratio asymmetry

Failure to update tranche mapping in `extendDeposit()` allows owner to inflate total Shares, lower Price, and accumulate discounted shares

`_stakeNxm()` fails to check for duplicate tranche IDs before pushing to array

No slippage to mint position and remove liquidity

Trade fee is incorrectly collected from matcher instead of order creator in `_executeAgainstMatcher` function

Older epochs become permanently unclaimable because `emergencyResolveMarket()` only resolves the current epoch

Geometric pools allow split swaps to always execute at best price

Exploitation of fee bypass through `Deposit-Then-Withdraw` strategy

XYK reflect_curve omits swap fee in order sizing, leaking LP fees

Missing slippage protection in liquidity provision

Adding new bucket sizes breaks liquidity-depth accounting, pausing DEX and blocking cancellations

Owner force-cancel orders fails due to missing receive handler

`notifyUnsubscribe` claims reward incorrectly

Attacker can manipulate vote using `sbfBMX`

Fee price is not correct in `Delihook`

`_upsertIncentive` causes precision loss

`DeliHook` doesn't calculate fee using exact swapped amount

`RangePool.sync` doesn't accumulate token when `liquidity == 0`

Unvalidated pool address in `MakerFacet.newMaker` enables collateral drain via malicious V3-like pool

Borrow fee uses APY as per-second rate, causing extreme overcharging

Dirty sibling liquidity not reallocated after parent borrow causes unallocated positions and incorrect fee accounting

Compounding fees width mismatch under-allocates `xCFees`/`yCFees` in `up()`

Position fees from UniV3 decomposition are not returned to user in `NFTManager.decomposeAndMint`

Fee curve utilization cast to uint64 wraps 100% utilization to zero, minimizing fees

`NFTManager` limited to 16 NFTs due to per-owner asset cap in `AssetLib`

JIT penalty unfairly applied on burn due to fee-collection timestamp reset

UniV3Decomposer missing ERC165 supportsInterface breaks RFT pull in decompose

ViewWalker.down writes X remainder into Y field, corrupting fee split

`adjustMaker` ignores `recipient` on removal, sending withdrawn tokens to `msg.sender`

Fully restricted users can bypass restrictions and stake tokens

Staker Balance Rebase Vulnerability in LT Contract

Front-runnable adjustment at vote time inflates YB emissions to `LiquidityGauge`

Incorrect assertion prevents setting Gauge Controller

Attacker can do first inflation attack with `subDepositRewards` function

`mTokenGateway._outHere` doesn't check receiver is not blacklisted

Index Calculation Bug in `_handleReport` Function Causes Incorrect Share Allocation

Protocol Fee Multiple Accrual in Oracle.submitReports

Incorrect performance fee calculation in `FeeManager`

`Consensus.checkSignatures` fails to check for duplicate signers

Wrong Index Usage in cancelDepositRequest Function Causes Fenwick Tree Corruption

Protocol Fee Exponential Compounding in ShareModule.handleReport

ShareManager Transfer Whitelist Logic Bug