Incorrect Mint Token Calculation in `supply` Function

Incorrect Comparison in Borrow Liquidity Check

Missing Access Control in `submitDeploymentRequest()` Enables Unauthorized Request Pickup

Reward Distribution Extends Period Instead of Adjusting Rate

Incorrect Token Allocation Update in `updateParticipation`

Wrong refundExecutionFee in _handleReturn

Loss of fee refund due to premature state deletion in `PerpetualVault::_handleReturn` function

Incorrect Token Price Validation in KeeperProxy

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

Boost Miscalculation Leads to Excess Distribution

Lack of Access Control in BoostController::updateUserBoost Leading to Unauthorized Delegation Overwrite.

`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function

`RToken::calculateDustAmount` are incorrectly calculated, leading to not be able to transfer the accrued dust amount

Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

RAACToken burns less tokens than expected when feeCollector is unset

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

Missing Predecessor Check in `executeEmergencyAction()` function

Liquidity rate calculation applies protocol fee as a discount instead of charging it in ReserveLibrary

Irreversible emission cap reduction in BaseGauge

Unauthorized Vote Casting Vulnerability

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

`_distributeToGauges` is venerable to outOfGas

Incorrect Values Returned in ReserveLibrary `withdraw` Function

Missing `BaseGauge::distributionCap` validation leads to over-emission of rewards

Missing Check for Gauge Activation Status in vote :: GaugeController.sol

Improper Handling of Predecessor Dependencies in Batch Scheduling and Execution

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Fee Evasion via LP Token Transfer Resets Deposit Value

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Incorrect referral fee calculations

Incorrect Implementation in `currentValue`

Minting zero tokens when underlyingToken is not Ether in cashIn()

Inconsistent accounting in `sellVotes` function.

Uncontrolled Token Destination allows for front-running Attacks