There is an external call vulnerability in the Maestro Router 2 contract of Maestro, the largest Telegram Bot project, which has been exploited by attackers to steal more than 280 ETH.