Anyone can steal payment tokens

Anyone can submit deployment request to DoS the execution

User can be griefed by the attacker during deployment updates

Market rate of bondETH is wrongly used during redeeming levETH

Failed auctions lead to coupon distribution DoS

BondETH redemption will revert with underflow if TVL is less than redemption value

Automatic pool selection in BondOracleAdapter may cause it to report an incorrect price

Bidding may be blocked if a previous bidder is blacklisted by USDC

Users can manipulate pool reserve balance to end auction in their favor

Wrong rounding direction will cause initial liquidity drained

Using stale price in PythOracle.sol

Anyone can create StopLimit orders on behalf of users with existing approvals

User may lose funds if several orders created in the same block

An attacker can drain contract funds by calling modifyOrder on fulfilled or cancelled orders

Attacker can drain contract via reentrancy in OracleLess.fillOrder

An attacker can DoS pending orders queue

OracleLess Vulnerable to DoS via Order Flooding

Minting zero tokens when underlyingToken is not Ether in cashIn()

LamboFactory can be permanently DoS-ed due to createPair call reversal

Since the cost of launching a new pool is minimal, an attacker can maliciously consume VirtualTokens.

ReputationMarket contract can become insolvent due to wrong fee accounting

Buyers lose a portion of remaining ETH due to wrong fees calculation

Author can avoid portion of fees due to donation rewards distribution flaw

Market liquidity can be drained due to inefficient pricing formula

No slippage protection in `ReputationMarket.sellVotes()`

FluidLocker::_calculateVestUnlockFlowRates() returns incorrect unlockFlowRate and taxFlowRate

Subtraction in `variance()` will revert due to underflow

Potential underflow vulnerability in score range calculation of `LLMOracleCoordinator::finalizeValidation`, leading to DoS.

Request responses and validations can be mocked leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers

Unrestricted validation score range for validators in `LLMOracleCoordinator::validate`.

BuyerAgent Batch Purchase Failure Due to Asset Transfer or Approval Revocation

Sequential Fee Calculations Lead to Lost Platform Revenue Due to Precision Loss

`SablierFlowBase` Lacks `EIP-165` Compliance for `EIP4906` Interface Support

No LSTs transfer on node operator withdrawals resulting in stuck funds and loss for node operators

Epoch mismatch in FjordPoints and FjordStaking leads to user being able to stake and unstake instantly for rewards

`mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` Contract Will Fail Due to a Wrong Modifier Used in `EntropyGenerator.initializeAlphaIndices()`

WhenNotPaused modifier in the CDPVault can be bypassed by users

Repayments and liquidations can be forced to revert by an attacker that repays miniscule amount of shares

Player can mint more fighter NFTs during claim of rewards by leveraging reentrancy on the `claimRewards() function `

Impossible to change managed wallets with `proposeWallets` after first rejection

Unauthorized Access to setCurves Function

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

Selling will be bricked if all other tokens are withdrawn to ERC20 token

onBalanceChange causes previously unclaimed rewards to be cleared