Malicious requestor will exploit fee transfer vulnerability to withdraw protocol funds

A malicious actor can perpetually DoS the legitimate `postRequest()` txn

First deposit bug

Incorrect `marketsFunds` states update while `buyVotes()`, cause market funds to be stuck on graduation

`sellVotes()` lacks slippage protection, leading a severe fund losses

With each `withdrawal()`, an unexpected spike in share price occurs due to incorrect internal `totalAssets` accounting.

The raffle cannot be drawn, due to missing `drawRaffle()` functionality in the BoostCore contract

Users can renounce their `BLACKLISTED_ROLE` to freely exchange mtBill in the secondary market.

Any queued withdrawal from EtherFi adapter cannot be claimed

`PufETHAdapter` uses the incorrect function signature for staking

`currentStakeLimit` depletes faster in some adapters, due to actual amount spent less than the input `stakeAmount`

Incorrect withdraw queue balance in TVL calculation

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

ETH withdrawals from EigenLayer always fail due to `OperatorDelegator`'s nonReentrant `receive()`

Deposits will always revert if the amount being deposited is less than the bufferToFill value

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Anyone making use of the MagicLP's TWAP to determine token prices will be exploitable.

Adjusting "_I_" will create a sandwich opportunity because of price changes

Missing blacklist check beforeTokenTransfer allows anyone to bypass the blacklist mechanism

All yield generated in the IBT vault can be drained by performing a vault deflation attack using the flash loan functionality of the Principal Token contract

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

User unable to cast their votes due to revert `castVoteInternal`

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

A malicious user can avoid unfavorable score updates after alpha/multiplier changes, resulting in accrual of outsized rewards for the attacker at the expense of other users

DoS and gas griefing of calls to Prime.updateScores()

All tokens can be stolen from `VirtualAccount` due to missing access modifier

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP