AccountingManager has no correct implementations of the core ERC-4626 functions `deposit`, `mint`, `withdraw` and `redeem`

`maxDeposit`, `maxMint`, `maxWithdraw`, and `maxRedeem` functions do not return 0 when they should

Value of kerosene can be manipulated to force liquidate users

Signatures can be replayed in `withdraw()` to withdraw more tokens than the user originally intended.

Owner of a position can prevent liquidation due to the 'onERC721Received' callback

V3Vault is not ERC-4626 compliant

_requireVaultCollateralized() is called at the beginning of the functions mintYieldFee() and liquidate()

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

`_amountOut` is representing assets and shares at the same time in the `liquidate` function

Any fee claim lesser than the total `yieldFeeBalance` as unit of shares is lost and locked in the `PrizeVault` contract

PrincipalToken is not ERC-5095 compliant

Incorrect bad debt accounting can lead to a state where the `claimFeesBeneficial` function is permanently bricked and no new incentives can be distributed, potentially locking pending and future protocol fees in the `FeeManager` contract

Anyone can update the address of the Router in the DcntEth contract to any address they would like to set.

DecentEthRouter.sol#_bridgeWithPayload() - Any refunded ETH (native token) will be refunded to the DecentBridgeAdapter, making them stuck

Potential loss of capital due to fixed fee calculations

When borrowers repay USDS, it is sent to the wrong address, allowing anyone to burn Protocol Owned Liquidity and build bad debt for USDS

changeWallets() can be confirmed immediately after proposalWallets() by manipulating activeTimelock beforehand

Remove Liquidity has missing reserve1 DUST check, which can make reserve1 to be less than DUST

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

Unauthorized Access to setCurves Function

Single token purchase restriction on curve creation enables sniping

Selling will be bricked if all other tokens are withdrawn to ERC20 token

onBalanceChange causes previously unclaimed rewards to be cleared

Once EntropyRateBps is set too high, can lead to denial-of-service (DoS) due to an invalid ETH amount

Since buyToken function has no slippage checking, users can get less tokens than expected when they buy tokens directly

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

Owner cannot withdraw all interest due to wrong calculation of accrued interest in WithdrwaCarry

Incorrect source address decoding in RootBridgeAgent and BranchBridgeAgent's _requiresEndpoint breaks LayerZero communication

voiceCredits not accumulated

QVSimpleStrategy contract lacks withdrawal method

Too many Reward funds are transferred in and the funds are locked

Staking reward calculation error

_requireVaultCollateralized() is called at the beginning of the functions mintYieldFee() and liquidate()

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

`_amountOut` is representing assets and shares at the same time in the `liquidate` function

Any fee claim lesser than the total `yieldFeeBalance` as unit of shares is lost and locked in the `PrizeVault` contract

Refund mechanism for failed cross-chain transactions does not work

`MagnetarV2#burst` double counts `msg.value` for `TOFT_WRAP` operation, making the transaction revert unless the user overpays

Rebalancing mTapiocaOFT of native token forces admin to pay for rebalance amount

Potential loss of value in YieldBox's `depositETHAsset()`