What do you think is the most underrated Solidity security bug right now?

Reentrancy gets talked about a lot, but most real-world exploits come from the subtle issues we tend to overlook storage layout collisions in upgradeable contracts, unsafe delegatecalls, missing validation, or small auth assumptions that slip into production.
Curious what you all think is the most underrated vulnerability today.

Which bug patterns do you still see catching teams off guard?