A vulnerability of a smart contract in one private DAO fund firstly to the leak of cryptocurrency worth tens of millions of dollars (billions as of today) and then to the hard fork of the second-largest blockchain network Ethereum. You can find tons of articles investigating those events, including a wiki page. Even though the purpose here is conclusions, let us refresh in memory what happened five years ago.
The DAO was a startup that ran an investment fund in Ether (ETH) and operated as a smart contract on Ethereum. The DAO is a proper name that founders decided to take as a reference to a general concept of a decentralized autonomous organization, or DAO. The fund claimed from the very beginning that they operate under the terms and conditions of their smart contract that was nothing more than a code of a program deployed on the blockchain. Their website contained no legal terms and conditions, but a notice proclaiming the supremacy of the machine code over any human-readable text to explain this code.