Liquidation Seize Calculation Uses Spot Price While Eligibility Check Uses EMA Price, Enabling Excess Collateral Extraction

ADL Borrow Deleverage Uses Global Reserve Debt Instead of EMode Group Scoped Debt for Breach Validation

`deposit_limit_breached()` Double-Subtracts `cash_reserve`, Enabling Supply Cap Evasion and Causing Deposit Reverts in Reserve-Heavy Markets

Interest Model Severely Undercharges When Rate Decays Below MIN_RATE

`writeOff()` Can Zero Total Debt While Coin Supply Remains

Exchange Rate Manipulation via Uniswap V3 Spot Price Dependency in LP Valuation

Owner Can Steal Vault Funds via removeTokenIdAtIndex Accounting Manipulation

JDola ERC-4626 `max*` Functions Do Not Account for Internal Vault Limits

Integer Division Rounding Enables Free Token Theft in Token Swaps

Attacker can zero out pending staking rewards through minimal stake manipulation

Multiple Pools Drain Staking Rewards via Missing Canonical Pool Enforcement

Per-Trade Epoch Anchoring Enables 100% Cashback Overpayment via Timing Manipulation

First staker after idle period captures all emissions from zero‑stake interval

Retroactive Mint Rate Application Violates Global Emission Rate Integrity

Hard-coded 6-Decimal Assumption Causes Catastrophic Reward Miscalculation on BNB Chain

Incentive Front-Loading Due to Incorrect Time Reference in Reward Accrual

Fee Under-Collection in Exact-Output Swaps with Fee-from-Output

Ineffective transferVaultBalance Function Cannot Migrate Real Vault Balances

NFTManager tokenURI() Reverts Due to Incorrect Diamond Storage Access

ViewWalker Cross-Assignment Bug Causes Incorrect Fee Calculations

Unauthorized Access via Spoofed ControlTower Authorization

WUSR Mint Function Overcredits Users Due to Misuse of ERC4626 `previewMint

Missing receive() Functions Break ETH Zap Functionality

Reward Backlog Accumulation Bug Allows First Stakers After Idle Periods to Steal Rewards

EMA-based Mark Price Component Exhibits Excessive Lag Leading to Inaccurate Pricing