Incorrect APY check causes Oracle reverts immediately after deployment

The maxDeposit returns uint256.max despite hard deposit limits (EIP-4626 Violation)

Malicious users can prevent reward accumulation for all stakers by frequent `updateReward` call

Missing Slippage Check in `PendlePTStrategy` Can Lead to Sandwich Attacks

Migration will Reverts Due to Rounding Mismatch in Borrow Repayment

Incorrect asset matching for ETH/WETH leads to potential DoS of exitPosition in CurveConvexStrategy

Incorrect WithdrawRequestManager Lookup for ETH Token Causes Withdrawal Failure

Reward Loss During `migrateRewardPool` Due to `forceClaimAfter` Lock

Ethena Withdraw request can finalize with 0 token silently if `cooldownDuration == 0`

Missing Reward Manager When Using `CURVE_GAUGE` Directly in CurveConvex Strategy