The unregistering of vaults can be DoSed by a malicious user.

Uniswap V3 Spot Price Manipulation Enables Share Price Manipulation in stNXM Vault

Insufficient Uniswap V3 Observation Cardinality in `StNxmOracle::price()`

`StNxmOracle::sanePrice` check will revert on normal price movements

Global Variable Manipulation During Active Draw Alters End Result

`twap()` under-charges for multi-period queries due to hardcoded `periods=1`

first depositor attack possible through multiple attack paths because the deposit function does not check 0 shares received.

Traders will claim retroactive cashback rewards for ineligible epochs

Wrong Accounting for users

Vault Removal Ignores Direct Token Transfers

transferFrom in stETH will transfer 1-2 less way, which would result in revert in consequent functions, because of not enough balance

Fully blacklisted users can stake and specify a different receiver address

Improper Handling of Native ETH in `getLiquidAssets` Leads to Potential Denial of Service

Chain-Specific Interface Mismatch in Convex Deposit Function

`_doMixSwap` blindly approves whatever token is specified in params.fromToken

Borrowers will pay excessive interest due to double interest calculation in `CoreRouter::borrow`

Usage of IERC20 transfer method would fail on some tokens due to lack of return of boolean value