[M-1] Deposits use manipulable `slot0::sqrtPriceX96` for calculating share price without slippage bounds

[M-2] Owner can under account staking NFTs which leads to cheaper shares minting

[H-2] Attacker can steal user's collateral via `MarketExternalActions::migrateFrom`

[M-1] FULL_RESTRICTED addresses can bypass restrictions

[H-2] - `Leverager::liquidatePosition` function incorrect decimals scaling leads to loss of funds for the protocol

[H-1] - `Leverager::withdraw` function incorrect debt reduction when `token1` is the borrowed asset

Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

Attackers can double voting power and veToken amount by locking and increasing

Inconsistent Scaling in RToken Transfer Functions

[L-1] Inaccurate boost calculations in `veRAACToken` due to wrong input parameter

Unauthorized Vote Casting Vulnerability

Ineffective proposal threshold validation allows setting arbitrary high values

Incorrect referral fee calculations

[H-5] Lack of access control on `CDS::updateDownsideProtected` function artificially reduces `totalCdsDepositedAmount`

[H-1] Wrong check in `BorrowLib::getOptionFeesToPay` allows users to call `renewOptions` on expired Options and bypass fees

[H-4] Lack of checks for `ethVolatility` param inside `Borrowing::depositTokens` function allows users to mint more `USDA`

[H-1]

`UniswapImplementation::setFeeExemption` functionality broken