AutoCompoundingPodLp `_pairedLpTokenToPodLp()` does not correctly handle leftover pTKNs.

AutoCompoundingPodLp `_getSwapAmt()` does not return correct value for pairedLpTKN -> pTKN swaps.

spTKNMinimalOracle `_calculateSpTknPerBase()` does not calculate correct price for podded or fraxlend pair pairedLpTKNs.

LeverageManager remove leverage will lead to stuck tokens if slippage `_podSwapAmtOutMin` is set.

Potential vault initial deposit attack for AutoCompoundingPodLP and FraxlendPair

FraxlendPair user liquidation may be frontrun, leading to loss of funds.

LendingAssetVault incorrectly updates vaultUtilization if CBR for a single FraxlendPair decreases.

TokenRewards.sol does not handle paused reward tokens, leading to loss of funds for users.

FraxlendPair `minCollateralRequiredOnDirtyLiquidation` is never set, which allows avoidance of bad debt.

FraxlendPair external `addInterest()` update logic is flawed, leading to inaccurate interest for LVA.

LendingAssetVault should also call `_updateInterestAndMdInAllVaults()` in multiple functions.

Pod's fee swap constraint allows users to snipe fees.

pairedLpTKN as pTKN with non-zero transferTax is not supported in in multiple contracts.

AutoCompoundingPodLp may double collect protocolFee for pairedLpTKN.

AutoCompoundingPodLp does not work for advanced self-lending pods with podded fTKN as pairedLpTKN.

AutoCompoundingPodLp `_swapV2()` may lead to leftover tokens in multihops.

spTKNMinimalOracle calculates debondFee twice, leading to inaccurate oracle price.

spTKNMinimalOracle uses DIA oracle which only supports /USD pairs, which incorrectly assumes all stablecoins are priced at 1 USD.

spTKNMinimalOracle `_calculateSpTknPerBase()` does not return 0, which breaks the feature of having a fallback oracle.

spTKNMinimalOracle does not support advanced self-lending pods, where pairedLpTKN is a podded fraxlend token.

AutoCompoundingPodLP does not use correct oracle price as slippage for pairedLpTKn -> pTKN swap.

Oracle circuit breaker check (minAnswer, maxAnswer) is incorrect.

LeverageManager removeLeverage feature will often fail due to cached addInterest mechanism for FraxlendPair.

LeverageManager closeFee is only collected for pTKN, which can be easily bypassed.

LeverageManager remove leverage may fail for self-lending pods due to not enough tokens for repaying flashloan.

LeverageManager removeLeverage does not support advanced self-lending pods with podded fTKN as pairedLpTKN.

No usable DexAdapter on Berachain.

Zapper `_swapV3Single()` has multiple integration issues with V3 swap.

VotingPool.sol Uniswap V2 pricing formula for spTKN is incorrect

Address is still marked as compromised when registered back by `registerAddress`.

Corruptible Upgradability Pattern

`decreaseLever` uses incorrect position address when withdrawing

AuraVault inherits AccessControl BUT does not call the _setupRole() function in it's constructor to set the initial roles, this leads to a complete DOS of the important claim function rendering the contract unable to claim rewards

Liquidation doesn't account for penalty when calculating collateral to give, allowing users to profit by borrowing and self-liquidating

`Flashlender.sol#flashLoan()` should use `mintProfit()` to mint fees. The current implemetation may lead to locked up WETH in PoolV3.

`CDPVault.sol#liquidatePositionBadDebt()` should not set profit = 0 when calling `pool.repayCreditAccount()`.

It is nearly impossble for Liquidators to use `liquidatePosition()` to fully pay off a non bad-debt position.

`CDPVault.sol#liquidatePositionBadDebt()` does correctly handle profit and loss

bug in `claim` allows users who are disqualified to claim their previously earned emissions

Incorrect address is used as `spender` for ERC20 permit signature verification

The debt in EligibilityDataProvider::requiredUsdValue() needs to be converted into USD; otherwise, it is not a correct value comparison.

Because of the Asset:Share 1:1 Conversion, if Vault Incur a Loss, the Last User to Withdraw Will Take The Entire Loss

PositionAction.decreaseLever() fails to consider the loan fee in Flashlender when calculating loanAmount, as a result, the functionanlity will not work when protocolFee != 0.

Incorrect calculation of `newCumulativeIndex` in function `calcDecrease`

WhenNotPaused modifier in the CDPVault can be bypassed by users

DOS attack to SwapAction.transferAndSwap() when using an ERC20 permit transferFrom.

Malicious actor can abuse the minimum shares check in `StakingLPEth` and cause DoS or locked funds for the last user that withdraws

`PendleLPOracle::_fetchAndValidate` uses Chainlink's deprecated `answeredInRound`

`PositionAction4626::_onDecreaseLever` wrongly updates `tokenOut` forcing user's funds to be stuck in the position action contract

`PositionAction4626::increaseLever` will always revert

PositionAction20._onWithdraw and PositionPendle20._onWithdraw also returns token amount in wrong scale

Wrong repayment amount used in `PositionAction::_repay`, forcing users to unexpectedly lose funds

`SwapAction.sol#balancerSwap` does not support native ETH as input token.

ChefIncentivesController caches endRewardTime, which is not required, and may cause issues during reward update.

`PositionAction4626.sol#_onWithdraw` should withdraw from `position` CDPVault position instead of `address(this)`.

`PositionAction.sol#_deposit` incorrectly checks `auxSwap.assetIn` should be equal to `collateralParams.targetToken`.

`PositionAction.sol#onCreditFlashLoan` may have leftover tokens after conducting `leverParams.auxSwap`.

`PositionActionPendle.sol#_onWithdraw` does not have slippage parameter minOut set.

`PositionAction4626.sol#_onWithdraw` should withdraw from position CDPVault position instead of `address(this)`.

Invalid handling of flash loan fees in `PositionAction::onCreditFlashLoan`, forcing it to always revert

`PositionAction.sol#onCreditFlashLoan` may end up with stuck funds for EXACT_IN primary swaps.

V2AMO is not compatible with Velodrome/Aerodrome.

V3AMO integration with V3 does not collect LP fees when burning liquidity.

Liquidity is incorrectly calculated during `addLiquidity()` for V3AMO, causing DoS.

Liquidity is incorrectly calculated during `unfarmBuyBurn()` for V3AMO, causing DoS.

V3AMO is not compatible with Velodrome/Aerodrome CLPools

Codebase is not compatible with ERC1504.

RedemptionVaultWIthBUIDL does not redeem full balance if BUIDL balance is less than 250k post transaction.

Standard redemption in `RedemptionVault` does not update token allowance.

Corruptible Upgradability Pattern

MBasisRedemptionVaultWithSwapper does not update mBasis daily limit or allowance when conducting mBasis->mTBill swap.

Discrepancy between spec and code: Vault admin cannot update `tokensReceiver`.

`RedemptionVaultWIthBUIDL.sol#redeemInstant` will always DoS due to incorrect contract call.

`decreaseLever` uses incorrect position address when withdrawing

AuraVault inherits AccessControl BUT does not call the _setupRole() function in it's constructor to set the initial roles, this leads to a complete DOS of the important claim function rendering the contract unable to claim rewards

Liquidation doesn't account for penalty when calculating collateral to give, allowing users to profit by borrowing and self-liquidating

`Flashlender.sol#flashLoan()` should use `mintProfit()` to mint fees. The current implemetation may lead to locked up WETH in PoolV3.

`CDPVault.sol#liquidatePositionBadDebt()` should not set profit = 0 when calling `pool.repayCreditAccount()`.

It is nearly impossble for Liquidators to use `liquidatePosition()` to fully pay off a non bad-debt position.

`CDPVault.sol#liquidatePositionBadDebt()` does correctly handle profit and loss

bug in `claim` allows users who are disqualified to claim their previously earned emissions

Incorrect address is used as `spender` for ERC20 permit signature verification

The debt in EligibilityDataProvider::requiredUsdValue() needs to be converted into USD; otherwise, it is not a correct value comparison.

Because of the Asset:Share 1:1 Conversion, if Vault Incur a Loss, the Last User to Withdraw Will Take The Entire Loss

PositionAction.decreaseLever() fails to consider the loan fee in Flashlender when calculating loanAmount, as a result, the functionanlity will not work when protocolFee != 0.

Incorrect calculation of `newCumulativeIndex` in function `calcDecrease`

WhenNotPaused modifier in the CDPVault can be bypassed by users

DOS attack to SwapAction.transferAndSwap() when using an ERC20 permit transferFrom.

Malicious actor can abuse the minimum shares check in `StakingLPEth` and cause DoS or locked funds for the last user that withdraws

`PendleLPOracle::_fetchAndValidate` uses Chainlink's deprecated `answeredInRound`

`PositionAction4626::_onDecreaseLever` wrongly updates `tokenOut` forcing user's funds to be stuck in the position action contract

`PositionAction4626::increaseLever` will always revert

PositionAction20._onWithdraw and PositionPendle20._onWithdraw also returns token amount in wrong scale

Wrong repayment amount used in `PositionAction::_repay`, forcing users to unexpectedly lose funds

`SwapAction.sol#balancerSwap` does not support native ETH as input token.

ChefIncentivesController caches endRewardTime, which is not required, and may cause issues during reward update.

`PositionAction4626.sol#_onWithdraw` should withdraw from `position` CDPVault position instead of `address(this)`.

`PositionAction.sol#_deposit` incorrectly checks `auxSwap.assetIn` should be equal to `collateralParams.targetToken`.

`PositionAction.sol#onCreditFlashLoan` may have leftover tokens after conducting `leverParams.auxSwap`.

`PositionActionPendle.sol#_onWithdraw` does not have slippage parameter minOut set.

`PositionAction4626.sol#_onWithdraw` should withdraw from position CDPVault position instead of `address(this)`.

Invalid handling of flash loan fees in `PositionAction::onCreditFlashLoan`, forcing it to always revert

`PositionAction.sol#onCreditFlashLoan` may end up with stuck funds for EXACT_IN primary swaps.

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

When `sellCreditMarket()` is called to sell credit for a specific cash amount, the protocol might receive a lower swapping fee than expected.

Fragmentation fee is not taken if user compensates with newly created position

Borrower is not able to compensate his lenders if he is underwater

Users may incur an unexpected fragmentation fee in the `compensate()` call

Users can not to buy/sell minimum credit allowed due to exactAmountIn condition

Multicall does not work as intended

LiquidateWithReplacement does not charge swap fees on the borrower

Corruptible Upgradability Pattern

DEPOSIT_VAULT_ADMIN_ROLE/REDEMPTION_VAULT_ADMIN_ROLE have larger permission than expected: they shouldn't be able to pause vaults

Liquidators can bypass remaining negative margin check and leave the loss to the protocol

Liquidation incorrectly tries to transfer token from Market instead of liquidator if remainingMargin is negative

Reallocation incorrectly sends the exceed quoteTokens to Market contract instead of reallocator

Vaults can become immune from liquidation by setting `vault.recipient` to a blacklisted quote token address

Possible DoS When calling `GammaTradeMarket::_removePosition` will cause user position to not be able to get liquidated

Chainlink's `latestRoundData` might return stale or incorrect results

Integer overflow when calculating rewards

No slippage check for penalty payment for `earlyExitById()` function

BalancerConnector has incorrect implementation of totalSupply, positionTVL and total TVL will be invalid

`Registry.sol#updateHoldingPosition` remove position logic is incorrect: should use `ownerConnector` instead of `calculatorConnector` when calculating holdingPositionId.

`SNXConnector.sol` TVL calculation is incorrect.

Incomplete TVL Calculation in `AerodromeConnector::_getPositionTVL` Function.

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

Numerous errors when calculating the TVL for the MorphoBlue connector

It is possible to open insolvent position is Silo connector, due to missing check in borrow function

`veMav` token in `MaverickConnector` does NOT have an existing oracle, so staking Mav would always lead to DoS for TVL calculation

`AccountingManager#totalWithdrawnAmount` should reflect tokens actually transferred to users, instead of expected transfers

`CurveConnector.sol#depositIntoConvexBooster` does not keep track of TVL if `stake == false`

`FraxConnector.sol#repay` approved amount of tokens does NOT account for latest interest, which may cause DoS while repaying

`PrismaConnector.sol` should also check health factor in `openTrove()` function

`_getPositionTVL()` of The StargateConnector doesn't accoount for the total value locked.

The `TVLHelper.sol#getTVL` function is DOSed by the `under collateralized connector`, and as a result, many parts of the protocol may be DOS.

The modifier `onlyExistingRoute` works incorrectly

Attacker can increase the length of `withdrawQueue` by withdrawing 0 amount of tokens frequently

Incorrect Return Value in `CompoundConnector.getBorrowBalanceInBase()` Affecting TVL Calculation

In the BalancerConnector, unclaimed rewards are not included in the calculation of the connectors TVL

Missing calls to `_updateTokenInRegistry` leads to incorrect state of tokens in registry

Incorrect modifier condition

Extra rewards are not updated in curve connector when harvestConvexRewards is called

In the `Gearboxv3` connector the health factor of the account is never considered

In the AerodromeConnector, unclaimed rewards are not included in the calculation of the connectors TVL

Due to missing health factor and hardcoded balance checks on Dolomite, a borrow position can be opened by withdrawing more than the supplied balance leading to possible unwanted liquidations

Lack of functionality for `claimFees` calls to the Aerodrome Pool causes the connector to lose its deserved fees

`depositQueue.queue` in `AccountingManager` can be flooded causing a DoS

No function to claim the reward in `PancakeswapConnector`.

Lender of the loan cannot perform `lenderCloseLoan()`/`setRepaymentListenerForBid()` after calling `claimLoanNFT()`

`_getCollateralTokensAmountEquivalentToPrincipalTokens` uses incorrect min/max for token oracle prices, allowing attackers to use sandwich attacks to borrow a loan with very little collateral.

`STANDARD_EXPANSION_FACTOR` is not needed

In `LenderCommitmentGroup_Smart.sol#burnSharesToWithdrawEarnings()`, shares are burned before `principalTokenValueToWithdraw` is calculated, causing users to withdraw more tokens than expected.

`LenderCommitmentGroup_Smart.sol#liquidateDefaultedLoanWithIncentive` does NOT send collateral to caller, but to the `LenderCommitmentGroup_Smart` pool

Protocol fails to work with ERC20s that does NOT revert on failure during transfer.

Borrowers may receive less tokens than they expect due to fee change after submitting a bid.

`LenderCommitmentGroup_Smart.sol` cannot deploy pools with non-string symbol() ERC20s.

`LenderCommitmentGroup_Smart.sol#_getPriceFromSqrtX96` may overflow

`LenderCommitmentGroup_Smart.sol#sharesExchangeRateInverse()` may divide by zero

`FlashRolloverLoan_G5#rolloverLoanWithFlash` does not support fee-on-transfer tokens

Users can bypass auction mechanism for `LenderCommitmentGroup_Smart` liquidation mechanism for loans that are close to end of loan

`SettleLongPremium` is incorrectly implemented: premium should be deducted instead of added

`_validatePositionList()` does not check for duplicate tokenIds, allowing attackers to bypass solvency checks

Malicious minters can repeatedly penalize their undercollateralized accounts in a short peroid of time, which can result in disfunctioning of critical protocol functions, such as `mintM`.

Validator threshold can be bypassed: a single compromised validator can update minter's state to historical state

No incentive for user to call `stopEarning` for M Tokens

`LiquidInfrastructureERC20.sol` disapproved holders keep part of the supply, diluting approved holders revenue.

Distribution can be bricked, and double claims by a few holders are possible when owner calls `LiquidInfrastructureERC20::setDistributableERC20s`

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Fighter created by mintFromMergingPool can have arbitrary weight and element

Rewards for StakedStargateAM is calculated incorrectly

Missing access control on UTB:receiveFromBridge allows UTB swaps to be executed without spending bridge fees while bypassing fee/swap instruction signature verification

When borrowers repay USDS, it is sent to the wrong address, allowing anyone to burn Protocol Owned Liquidity and build bad debt for USDS

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

Unwhitelisting does not clear _arbitrageProfits, so re-whitelisting may result in an unfair distribution of liquidity rewards.

Impossible to change managed wallets with `proposeWallets` after first rejection

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

onBalanceChange causes previously unclaimed rewards to be cleared

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

If a user sets their curve token symbol as the default one plus the next token counter instance it will render the whole default naming functionality obsolete