WhenNotPaused modifier in the CDPVault can be bypassed by users

Attacker can steal all fees from SFPM in pools with ERC777 tokens.

Owner cannot withdraw all interest due to wrong calculation of accrued interest in WithdrwaCarry

No slippage protection for Market functions

Attacker can reenter to mint all the collection supply

Vulnerability in burnToMint function allowing double use of NFT

All tokens can be stolen from `VirtualAccount` due to missing access modifier

`useRegistryAnchor == true` breakes the logics of `RFPSimpleStrategy._registerRecipient()`

ETH/USD price feed is used instead of BTC/USD

Missing redeem functionality

latestTimestamp is not checked in Oracles

Modifier VaultController._verifyCreatorOrOwner does not work as intented

`Vault.redeem` function does not use `syncFeeCheckpoint` modifier

`Vault::takeFees` can be front run to minimize `accruedPerformanceFee`

attacker can steal RToken holders funds by performing reentrancy attack during redeem() function token transfers