A critical reentrancy vulnerability was discovered in a multi-token liquidity pool. The attacker exploited callback mechanisms to drain accumulated fees before internal accounting updates. Potential impact: 0M+ TVL at risk. Status: Reported and patched.