Owner of a position can prevent liquidation due to the 'onERC721Received' callback

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

First depositor can break staking-rewards accounting

First Liquidity provider can claim all initial pool rewards

THE USER WHO WITHDRAWS LIQUIDITY FROM A PARTICULAR POOL IS ABLE TO CLAIM MORE REWARDS THAN HE DULY DESERVES BY CAREFULLY SELECTING A `decreaseShareAmount` VALUE SUCH THAT THE `virtualRewardsToRemove` IS ROUNDED DOWN TO ZERO

Impossible to change managed wallets with `proposeWallets` after first rejection

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

Anyone can steal all distributed rewards

Attacker can reenter to mint all the collection supply

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Function WildcatMarketController.setAnnualInterestBips allows for values outside the factory range