A couple of weeks ago the details of two vulnerabilities relating to transaction unlock_time were revealed. These vulnerabilities were originally found by thecharlatan in 2020.
Hardware Wallets Do Not Check Unlock TIme
Unix time unlock_time values have dangerous validation rules enabling a number of exploits
Of course, the bugs have been fixed for some time.
thecharlatan has previously written about problems with Monero unlock_time on these blog posts:
Destroying your moneroj for fun and not for profit
Monero timelock vulnerabilities
Monero timelock woes
There is presently a proposal to eliminate unlock_time in the coming network upgrade:
Removing/Fixing/Encrypting monero's timelocks
It seems that unlock_time is a barrier to implementing decoy selection binning as explained by jberman here.
