Curve token swap will likely to fail because fee and slippage consideration are excluded

Function WildcatMarketController.setAnnualInterestBips allows for values outside the factory range

When a batch of withdrawals expires, that batch is often underpaid their owed interest

Combined short record might exceed the maximum collateral ratio (CRATIO_MAX)

High - Funds can be lost if any participant is blacklisted

Contract Can Be Deployed Without Funds.

Should not mint new amount when distribute record to the same beneficiary gets replaced if it was not claimed before

Should burn existing minted token for all beneficiaries before changing voteFactor

Blacklist receiver maybe unable to reclaim option token leads to fund token in the contract

The relation between the safe collateral ratio and the bad collateral ratio for the PeUSD vaults is not enforced correctly

Internal withdrawal does not check isDepositAllowed

Incorrect fee handling in Position.sol's Market Buy/Sell functions

RubiconMarket: buy() may not take any fee for tokens with low decimal precision

There is no market enabled validation in Swap and CreateAdl activities

[Major logic error] Unable to deposit NFT if total NFT deposited reaches nftDepositLimit and 1 NFT is refunded for all 4 bounty types.

[Major logic error] setPayoutSchedule cannot reduce the number of payout schedules

Malicious strategist could deny borrowers from repaying loan and force liquidation by setting a extremely high vault fee

Users can liquidate themselves before others, allowing them to take 13% above their borrowers

For a public vault, minimum deposit requirement that is enforced by `ERC4626Cloned.deposit` function can be bypassed by `ERC4626Cloned.mint` function or vice versa when share price does not equal one

Hijacking of node operators minipool causes loss of staked funds

ProtocolDAO lacks a method to take out GGP

Cancellation of minipool may skip MinipoolCancelMoratoriumSeconds checking if it was cancelled before

Functions cancelMinipool() doesn't reset the value of the RewardsStartTime for user when user's minipoolcount is zero

Liquidity providers may lose funds when adding liquidity

Should only allow order trader or owner to check an order

The calculation of totalUSDborrowed value is wrong in Vault Synths

Chainlink's latestRoundData might return stale results

Asset manager's deposit, withdraw and rebalance function calls will get reverted when one of the adapters is broken or paused

New shares calculation could be wrong if total supply = amount and total supply is not zero

Error in allowance logic