What are common smart contract vulnerabilities (reentrancy, overflow, etc.)?

Critical smart contract vulnerabilities: (1) Reentrancy — the most famous vulnerability (The DAO hack, $60M, 2016). An external call to an untrusted contract executes before state updates complete, allowing the callee to re-enter the calling function and drain funds. Prevention: Checks-Effects-Interactions pattern (update state before external calls), OpenZeppelin ReentrancyGuard; (2) Integer overflow/underflow — pre-Solidity 0.8.0, arithmetic wrapped silently (2^256 + 1 = 0). Prevention: Solidity 0.8+ has built-in checks; use SafeMath for older versions; (3) Access control issues — missing onlyOwner modifiers or misconfigured roles. Prevention: OpenZeppelin Ownable, AccessControl; (4) Front-running/MEV — miners see pending transactions and insert their own first (sandwich attacks on DEXes). Prevention: slippage protection, commit-reveal schemes; (5) Oracle manipulation — using spot price from a DEX pool as an oracle; flash loans can manipulate this. Prevention: TWAP oracles, Chainlink price feeds; (6) Signature replay — valid signature reused across multiple transactions. Prevention: EIP-712 domain separators, nonces; (7) Denial of Service — function that becomes uncallable (e.g., looping over unbounded array); (8) Delegatecall abuse — proxy patterns using delegatecall can lead to storage collisions. Prevention: EIP-1967 storage slots for proxy patterns.