Attacker can claim tokens meant for user

Subtraction in `variance()` will revert due to underflow

Potential underflow vulnerability in score range calculation of `LLMOracleCoordinator::finalizeValidation`, leading to DoS.

Request responses and validations can be mocked leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers

_lockedETH is not decreased on refunding players in WinnablesTicketManager contract

Anyone can call propagateRaffleWinner on WinnablesTicketManager with arbitrary function arguments

Roles contract does not implement role invoking

Formulaic Error Rounds Down Causing Total Loss Of Funds For Bid Takers During Abort

Malicious user can drain protocol by bypassing `ASK` offer abortion validation in `Turbo` mode

Token withdrawal fails until someone manually approves spending

Unnecessary balance checks and precision issues in TokenManager::_transfer

`WrappedNativeToken` Can Only Work in `NativeToken` Mode

[Low-01] Missing Access Control in `CapitalPool::approve()` Function Allows any User to call it to set Allowance Amount `TokenContract` to `type(uint256).max`.

`listOffer` Unsafely References Fungible Identifiers

Starknet tokens deposited with use_withdraw_auto can never be withdrawn

in `farmPlots()` an underflow in edge case leading to freeze of funds (NFT)

Incompatibility with Multisig Wallets in `TempleGold::send` Function

TempleGold tokens cannot be recovered when a `DaiGoldAuction` ends with 0 bids

Holders array can be manipulated by transferring or burning with amount 0, stealing rewards or bricking certain functions

`LiquidInfrastructureERC20.sol` disapproved holders keep part of the supply, diluting approved holders revenue.

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Due to no access control on `DistributionV2::_authorizeUpgrade()` anyone can change the implementation contract and can destroy the main Proxy contract.

Any User can mint any amount of WStETH in the WStETHMock.sol and StETHMock.sol

Whitelised accounts can be forcefully DoSed from buying curveTokens during the presale

Attack to make ````CurveSubject```` to be a ````HoneyPot````

Single token purchase restriction on curve creation enables sniping

onBalanceChange causes previously unclaimed rewards to be cleared

Withdrawing with amount = 0 will forcefully set name and symbol to default and disable some functions for token subject

Rewards can be drained because of lack of access control

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

Malicious users can honeypot other users by minting all the ``EURO`` tokens that the vault's ``collateralRate`` allows right before sale

Users can not remove some amount of collateral from contract because of wrong implementation of "canRemoveCollateral()"

Removal of approved token from token manager can lead to unintended liquidation of vaults

doesn't follow the EIP standard