Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`

Users can borrow more assets than they have deposited as collateral

LendingPool deposits do not work with CurveVault due to lack of funds

Missing Liquidity Rebalancing in Repayments and Liquidations Leading to Inefficient Liquidity Management

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

Wrong event emitted in `LendingPool::_repay`

`collateralLiquidated` value is always 0 when emitted in the `LiquidationFinalized` event

The Aave pool is hardcoded

Out-of-Bounds Array Access in `_calculateQuantAMMVariance` with Odd Number of Assets and Vector Lambda

Denial of service when calculating the new weights if the rule requires previous moving averages

GradientBasedRules will not work for >=4 assets with vector lambdas

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

Missing Router Update Mechanism in StrategyMainnet Contract

Old router retains token allowance after update

[H-01] Auction tokens will be lost forever when auction ends without bids

function erc721Metadata returns empty base uri instead of token uris

QA Report - 0xStalin - Low Severities

`LibChainlinkOracle::getTokenPrice` will always return instantaneuous prices

quickSort function does not work as expected, compromising the calculation of Beans per Well to be minted during a flood