User can bypass staking restrictions through composer and deposit on another chain

Unoptimized subset matches counting implementation will exceed tx gas limit on base chain

`SimplePriceManager.onUpdate()` lack of forward execution fee leads dependent functions to revert

Assets deposited before calculating shares amount to mint will cause users to mint less shares.

Claiming rewards in GovernanceHYBR will always revert

Attacker can front-run liquidity transactions to cause gauge DCA rewards to be lost

Gauge emissions per token not per pool allow malicious pools to capture unearned rewards

Risk of Gas DoS due to Looping

Rounding down in Quote calculation allows underpriced LaunchToken purchases by Malicious user, compounding protocol loss over multiple buys.

`wrapAndSupplyOnExtensionMarket` fails due to missing gas fee forwarding

`Rebalancer.sendMsg` uses stale transfer size causing persistent DoS

USDT approval revert leads to position entry failure

Malicious user can register many operators, leading to DoS in core view functions

Non-standard token incompatibility in `GatewaySend::depositAndCall`

`GatewayTransferNative::withdraw` allows attacker to overwrite refund info using the same `externalId` leading to user fund loss

Incorrect check in `_checkLiquidationValid` may cause healthy accounts to be liquidated

`CoreRouter::supply` uses a stale `exchangeRateStored` which causes internal accounting mismatches

Fee calculation logic in `approveRedeemRequest` is incorrect

Users Who Queue Withdrawal Before A Slashing Event Disadvantage Users Who Queue After And Eventually Leads To Loss Of Funds For Them