Gas Denial of Service (DoS) in `PersistentSet.values()` and `valuesAt()` Due to Unbounded Iteration Over Historical Elements

Authorization Bypass in claimRefund Allows Theft of All Pending Refunds for Non-EVM Addresses

Incompatible Encoding and Decoding Functions in AccountEncoder Library Lead to Malformed Cross-Chain Messages for Solana

Incorrect maxLiquidationAmount Calculation in Cross-Chain Liquidation Validation Prevents Legitimate Liquidations

Incorrect Principal Update in _handleValidBorrowRequest Understates Cross-Chain Debt Obligation on Collateral Chain

Stale Collateral Data in Cross-Chain Borrow Validation (_handleBorrowCrossChainRequest) Leads to Risk of Undercollateralized Loans

maxClose Calculation in liquidateBorrowAllowedInternal Uses Stale Principal, Unduly Restricting Liquidation Repayment Amount

Flawed and Redundant Secondary Liquidity Check in borrow Function May Incorrectly Deny Valid Borrows