Claim Process Is Vulnerable To Generalized Frontrunners

Relisting Can Be Used To Steal Funds

Relisting Then Cancelling A Liquidation Auction Results In Losses On Subsequent Deposits

Cancelled Sunset Collections Results In Stuck Tokens

Beneficiaries Cannot Access Rewards When The Current Beneficiary Is A Pool

Incorrect Implementation Of Fee Exemption Logic

Red Stone Oracle Can Time Travel

Stake Donation Evades Excess Staking Penalties

`OptionTokenV4` Enables Holding Victim `GaugeV4::balanceWithLock` Hostage

Attacker Can Use The `VotingEscrow` To Enact Denial Of Service Against Adversaries

An invocation of `_cancelAllBids()` will ignore if the `bidder` is the highest bidder for the current round.

Vesting contract can be drained by an attacker.

Calls to `claimDeposit` causes pending deposits to be lost.

`VaultZapper` approval logic can be circumvented.

External protocol changes to the `RootChainManager` can invalidate hardcoded `PREDICATE_ADDRESS`.

Blacklisted accounts can still transact.

Token theft from `JalaMasterRouter` due to incorrect scaling during calls to `swapExactTokensForETH`.

Concrete implementations of `BaseLPTAdapter` are susceptible to vault inflation attacks.

An attacker can steal `unclaimedYield` from any account in the `Tranche`.

The `rebalancer` role can `requestWithdrawalAll()` before token maturity.

Incorrect fee estimates result in denial of service when minting via the `PositionManager`.

The invariant `maxDeposit` for a `Vault` can be exceeded.

Rounding error in fee comparison logic resulting in denial of service.

Invariant Violation: `GovernorBravoDelegate` can permit high-risk proposals with only `getQuorumVotes()`.

Invariant Violation: Proposals to call `GovernorBravoDelegate#_setModuleRiskLevel` are not considered high-risk proposals.

Governance Manipulation: Insufficient protection from flash loaned voting power whilst casting a vote.

Frontrunning: Staking to a `Validator` immediately prior to call to `rewardValidators` allows an attacker to siphon rewards.

Race Condition: Shared write access to `isLocked` allows NFTs with open announcements to become tradeable.

Griefing Vulnerability: The `MAXIMUM_NUMBER_OF_DEPOSITS_PER_ROUND` on future rounds can be wasted on zero-value deposits.

Loss of Funds: `JOJODealer.sol` can be drained via calls to `executeWithdraw`.

Loss of Funds: `TrufVesting.sol` can be drained by an attacker.

Invariant Violation: `Token.sol#_updateFounders` does not respect `reservedUntilTokenId`.

Invariant Violation: `LockingPositionManager.sol#manageOwnedAndDelegated` `OwnedAndDelegated` properties are not collision-resistant.