User can skip fees when removing funds through `ValueFacet.removeValueSingle`

Users Who Queue Withdrawal Before A Slashing Event Disadvantage Users Who Queue After And Eventually Leads To Loss Of Funds For Them

Incorrect Balance Check in Validator Redelegation Process May Block Legitimate Rebalancing Operations

Inconsistent State Restoration in `cancelWithdrawal` Function

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

Incorrect decimal handling in `Auction::buy()` leads to massive overpayment for ZENO tokens

Gauge period cannot be updated

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Reward manipulation vulnerability in StabilityPool

RToken's transfer function lead to loss of funds due to incorrect math

Users can borrow more assets than they have deposited as collateral

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic

Treasury Balance Tracking Bypass in FeeCollector

Attackers can double voting power and veToken amount by locking and increasing

Gauge Voting Misallocation Vulnerability

Untracked Direct Fee Transfers from RAACToken to FeeCollector Break Fee Distribution System

Ineffective Time-Weighted Average Implementation in Fee Distribution

Voting Power Snapshot Missing

Timelock Controller Retains Canceled Proposals, Enabling Unauthorized Execution and severe Governance Voting manipulation.

Missing Vote Frequency Control in GaugeController

Incorrect accounting in `veRAACToken::emergencyWithdraw` and `veRAACToken::withdraw` due to missing `totalLocked` update

Incorrect utilization rate forces protocol to issue maximum rewards indefinitely

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

LendingPool deposits do not work with CurveVault due to lack of funds

Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check

There is no logic checking for RAACNFT price staleness before minting it

LendingPool.getUserDebt returns outdated value and can lead to liquidation failure

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator

`GaugeController::distributeRewards` can be called multiple times by anyone, leading to excessive reward distribution

Lack of Time-Weighted Voting and Weight Decay in GaugeController

Missing Liquidity Rebalancing in Repayments and Liquidations Leading to Inefficient Liquidity Management

Failure to update `lastClaimTime` mapping when users claim rewards in FeeCollector Causes Time-Based Reward Calculation Issues

Cordinated group of attacker can artificially lower quorum threshold during active proposals forcing malicious proposals to pass without true majority support.

RAACToken burns less tokens than expected when feeCollector is unset

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

balanceOf(address(this)) in StabilityPool causes reward distribution to be higher than it should be

Users Cannot Remove Their Own Boost Delegation, Causing Potential Lock-In

The earned yield from the Curve vault can never be utilized when withdrawing or borrowing

Paused Protocol Prevents Critical Functions Including Debt Repayment and Liquidations

rToken Redemption Failure Due to Insufficient Liquidity for Accrued Interest

Lack of enforcement of the `MAX_TOTAL_LOCKED_AMOUNT`

Irreversible emission cap reduction in BaseGauge

Missing Controller Functions in GaugeController

Unauthorized Vote Casting Vulnerability

Impossible to rescue funds from `RToken` contract

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function

Boost Delegation Allows Invalid Recipients on BoostController

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Incorrect sequence of AaveDIVAWrapper constructor parameters

Fee Evasion via LP Token Transfer Resets Deposit Value

GradientBasedRules will not work for >=4 assets with vector lambdas

quantAMMSwapFeeTake used for both getQuantAMMSwapFeeTake and getQuantAMMUpliftFeeTake.

Inconsistent timestamp storage when the LPNFT is transferred.

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

Inflated `totalAssets` in `StrategyMainnet`, `StrategyArb`, and `StrategyOp` Contracts

Old router retains token allowance after update

TokenManager - Unlimited withdraw

Native token withdrawal fails until manually approved

`LibChainlinkOracle::getTokenPrice` will always return instantaneuous prices

LibUsdOracle will compromise Beanstalk peg due to wrong price and DoS

LibUsdOracle returns the wrong price for Uniswap Oracle

Tokens can get stuck during migration if the L2 side fails leading to loss of funds

Unfair Penalty Fees in Pipeline Convert

LibUsdOracle is completely broken for the to-deploy L2 chain

quickSort function does not work as expected, compromising the calculation of Beans per Well to be minted during a flood

Forcing penalty to users converting by applying sandwich attack

`BeanL1RecieverFacet#recieveL1Beans()` would never work

ETH/USD 1 hour period is too large for Optimism/Base L2 Chains and too small for Arbitrum/Avalanche leading to consuming stale price data.

SeasonGettersFacet returns the wrong totalDeltaB

TractorFacet return the wrong values for Tractor Counter

```LibWstethEthOracle::getWstethEthPrice``` returns wrong ```wstETH/ETH``` price in some conditions impacting system operations

Deprecated pool BEAN:WETH on LibBarnRaise used as fallback

There is a more efficient and secure way to compute `wstETH:ETH` price using Chainlink

`removeWhitelistStatus` function Ignores updating `milestoneSeason` variable

Temperature and caseId are incorrectly adjusted when oracle fails

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

Minimium Collateral Check Can Be Bypassed

Fee Calculation inconsistency in WrappedTokenBridge

Single strategy failure blocks global reward distribution

Due to extremely short `votingDelay` and `votingPeriod`, governance is practically impossible.