TIME - ERC2771Context + Multicall calldata manipulation

Reference

Arbitrary Address Spoofing Attack: ERC2771Context Multicall Public DisclosureOpenZeppelin

CertiK - Time Token Exploit

Root cause

Mitigation