SlowMist attributed the GMX exploit to a design flaw in GMX v1, where short positions immediately update globalShortAveragePrices, impacting AUM and enabling manipulation of GLP pricing. The attacker exploited this by enabling timelock.enableLeverage during order execution and performing a reentrancy attack to inflate GLP prices within a single transaction, profiting via redemptions.