-
# Lines of code
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/DNft.sol#L22-L32
# Vulnerability details
## Summary
In the DNFT protocol, the cos…
-
NentoR
medium
# `LendingPool::repay()` can be frontran and lead to losses for account owner due to missing auction check
## Summary
It is possible for account owners to call `LendingPool::repay()` …
-
# Lines of code
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/VaultManagerV2.sol#L119-L131
https://github.com/code-423n4/2024-04-dyad/blob/4a987e53…
-
# Lines of code
https://github.com/code-423n4/2024-04-renzo/blob/main/contracts/RestakeManager.sol#L564-L572
https://github.com/code-423n4/2024-04-renzo/blob/main/contracts/RestakeManager.sol#L604-L6…
-
Solidity_ATL_Team_1
medium
# Fund loss when calling `swapUnderlyingForPt` as excess ETH isn't refunded automatically
## Summary
When a user calls `swapUnderlyingForPt` they can deposit ETH in ret…
-
Ironsidesec
medium
# `OCL_ZVE` loses amounts to MEV bots every time it adds liquidity to the pool due to slippage.
## Summary
Root cause: wrong slippage implementation, so sandwich attack with MEV…
-
Tendency
medium
# Strict Allowance Check Could Brick a Major Functionality in `OCL_ZVE`
## Summary
In `OCL_ZVE` contract, when pulling liquidity from the `DAO` into a $ZVE/pairAsset pool, the assum…
-
dimulski
high
# A malicious actor can manipulate the distribution of points
## Summary
The ``SophoFarming.sol`` contract main purpose is to calculate users points based on their deposits, it is sta…
-
# Lines of code
https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/VaultManagerV2.sol#L127
# Vulnerability details
## Impact
By providing empty depos…
-
# Lines of code
https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/main/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L441-L445
https://github.com/code-423n4/2024…