Faulty Gauge Weight Update Formula: Voting Power Delta Not Considered Leading to Arithmetic Underflow and Vote Weight Inconsistency

`BaseGauge` users can claim rewards without staking

`GaugeController::_calculateReward` implementation will cause smaller shares to be allocated to every gauge

Reward manipulation vulnerability in StabilityPool

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

Users can borrow more assets than they have deposited as collateral

NFTs Get Permanently Locked in Stability Pool After Liquidation

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

Treasury Balance Tracking Bypass in FeeCollector

Gauge rewards are not transferred to gauge when distributeRewards() is called

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

LendingPool deposits do not work with CurveVault due to lack of funds

LendingPool.getUserDebt returns outdated value and can lead to liquidation failure

`GaugeController::distributeRewards` can be called multiple times by anyone, leading to excessive reward distribution

Paused Protocol Prevents Critical Functions Including Debt Repayment and Liquidations

Skewed Reward Distribution in GaugeController.sol

Borrow, withdraw, deposit revert due to curve vault not having available liquidity or being paused.

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Incorrect period used to access an auction.

When redeeming levETH while collateral level is greater than the threshold the redeem rate is compared with bondETH's market rate.

Tokens are not refunded when using BalancerRouter.

Incorrect fee accounting.

DoS of coupon claiming if one of the auction fails.

Every auction can be DoS'ed.

Some price feeds for tokens used in the protocol do not exist.

Attacker can make Pool unusable by dropping totalSupply to 0.

`SecondSwap_Marketplace` vesting listing order affects how much the vesting buyers can claim at a given step

Users can claim more that their actual allotment

`buyFee` And `sellFee` Should Be Known Before Purchase

Tokens that has already been vested can be transferred from a user.

Incorrect referral fee calculations

Rounding error in stepDuration calculations.

Users can prevent being reallocated by listing to marketplace

Creator of one vesting plan can affect vesting plans created by other users.

Liquidator can bypass `_validateSeizedAssetValue()` check seizing all of the position's assets.

Lack of slippage protection during withdrawal in SuperPool and Pool contracts.

Griefing attack on seller's airdrop benefits

Wrong minting logic based on total token count across generations

Forger Entities can forge more times than intended

Pause and unpause functions are inaccessible

NFTs mature too slowly under default settings.

Each generation should have 1 "Golden God" NFT, but there could be 0

TraitForgeNft: Generations without a golden god are possible

Slashing NativeVault will lead to locked ETH for the users

The operator can create a `NativeVault` that can be silently unslashable.

Changing the slashingHandler for NativeVaults will DoS slashing

Airdrop rewards for ITO pariticipants will be diluted.

Staking rewards in ZivoeRewards/ZivoeRewardsVesting can be delayed.

ZVE tokens will get stuck in ZivoeRewardsVesting due to an underflow.

A user can escape paying interest for some of the payment intervals.

OCL_ZVE uses 0% slippage tolerance when adding liquidity.

`claimProceeds()` will be DoS'ed for a fully filled auction if a baseToken reverts on 0 amount transfers.

`BlastGas` does not set gas fees to claimable resulting in a loss of revenue for the protocol.

`Auctioneer.auction()` is incorrectly accesing the routing in storage.

`_revertIfLotConcluded()` incorrectly checks if the lot has concluded.

Permanent DoS of `claimBids()` and `settle()` functions for an auction lot with an expired `LinearVesting` derivative.

PrincipalToken is not ERC-5095 compliant

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

Player can mint more fighter NFTs during claim of rewards by leveraging reentrancy on the `claimRewards() function `

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Can mint NFT with the desired attributes by reverting transaction

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Fighter created by mintFromMergingPool can have arbitrary weight and element

Whitelised accounts can be forcefully DoSed from buying curveTokens during the presale

Attack to make ````CurveSubject```` to be a ````HoneyPot````

Unauthorized Access to setCurves Function

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

onBalanceChange causes previously unclaimed rewards to be cleared

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

The userGaugeProfitIndex is not set correctly, allowing an attacker to receive rewards without waiting

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

Wrong ProfitManager in GuildToken, will always revert for other types of gauges leading to bad debt

There is no way to liquidate a position if it breaches maxDebtPerCollateralToken value creating bad debt.

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Attacker can reenter to mint all the collection supply

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Borrower can drain all funds of a sanctioned lender

Prime.sol - User can claim Prime token without having any staked XVS, because his `stakedAt` isn't reset whenever he is issued an irrevocable token.

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Medim severity - No check for stale price feeds

getPriceFromChainlink function in PriceOracle.sol does not check if the L2 sequencer is down.