Looking for the list of Plutus potential vulnerabilities or attacks (Developer mistakes)

Hello Cardano community, I am looking for a list of Plutus programming language potential vulnerabilities or attacks (developer mistakes). Can someone help me regarding this? I am doing research regarding this and there are no sources out there.

I would be happy if you let me know your experiences regarding Plutus programming. :pray:

In the plutus pioneers program, a sample plutus smart contract uses a plaintext redeemer value to unlock some funds. For example, a smart contract is published with the datum hash of "42". A user will send 42 as the redeemer, and if the hashes match, the funds are unlocked. This is a problem because a relay or block producer can "front run" that transaction and submit the solution themselves. While the example smart contract is pretty silly, I'm worried that developers are going to use redeemer values as authentication for unlocking funds.
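Added example, not part of the posts above and not Plutus code: a simplified Python model of the redeemer-as-password pattern described in the reply, next to a variant that also requires the beneficiary's signature. The `Tx` fields, the key-hash strings and all function names are assumptions made for illustration; real validators receive this information through the script context.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    redeemer: bytes        # public: every relay and block producer sees it
    signers: frozenset     # key hashes whose signatures are on the transaction
    pay_to: str            # key hash that receives the unlocked funds

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def hashlock_validator(datum_hash: bytes, tx: Tx) -> bool:
    """Pattern from the post: anyone whose redeemer hashes to the datum may spend."""
    return h(tx.redeemer) == datum_hash

def signer_bound_validator(datum: tuple, tx: Tx) -> bool:
    """Hardened variant: the datum also names a beneficiary key hash that must sign."""
    secret_hash, beneficiary = datum
    return h(tx.redeemer) == secret_hash and beneficiary in tx.signers

def resubmitted_by(observer: str, seen: Tx) -> Tx:
    """What the post warns about: the redeemer is copied into someone else's transaction."""
    return Tx(redeemer=seen.redeemer, signers=frozenset({observer}), pay_to=observer)

def demo() -> dict:
    secret = b"42"                                   # constructed sample value
    honest = Tx(secret, frozenset({"alice_pkh"}), "alice_pkh")
    copied = resubmitted_by("relay_pkh", honest)     # hypothetical key hashes
    bound_datum = (h(secret), "alice_pkh")
    return {
        "hashlock_honest": hashlock_validator(h(secret), honest),
        "hashlock_copied": hashlock_validator(h(secret), copied),
        "bound_honest": signer_bound_validator(bound_datum, honest),
        "bound_copied": signer_bound_validator(bound_datum, copied),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The hash-lock validator accepts both transactions because it checks nothing about who is spending; once a signature from the named beneficiary is required, the copied redeemer alone no longer unlocks the funds.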