User can free from liquidation fee if its escrow balance is less than the calculated liquidation fee.

Protocol withdrawals of collateral can be unexpectedly locked if governance sets the `collateralFactorBps` to 0.

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

Governor can rug pull the escrow

A "FrontRunning attack" can be made to the `initialize` function

`fee` can change without the consent of users

`lending-market/Note.sol` Wrong implementation of access control

No cap on fees can result in a DOS in BathToken.withdraw()

massUpdatePools() is susceptible to DoS with block gas limit

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Owner can modify the feeRate on existing vaults and steal the strike value on exercise

The return value `success` of the get function of the INFTOracle interface is not checked

Critical Oracle Manipulation Risk by Lender

Mistake while checking LTV to lender accepted LTV

Setting new buffer does not reduce current buffer to cap

[WP-H7] Infinite approval to an arbitrary address can be used to steal all the funds from the contract

DexManagerFacet: batchRemoveDex() removes first dex only

Reputation Risks with `contractOwner`

Improper Upper Bound Definition on the Fee