Explore Problems
Showing 5,222 of 6,868 problems · matching your filters
Termius SSH Client Routes Private Keys Through Their Cloud by Default
Termius, a popular cross-platform SSH client, syncs private SSH keys through their own infrastructure as part of its default sync feature. Developers using Termius unknowingly expose private keys to a third-party cloud service, with no prominent disclosure or easy opt-out.
VSCode Extension Marketplace Breach Disclosure Withholds Extension Names
A malicious VSCode extension breached 3,800 GitHub repos, but breach disclosures do not name the specific extension. Developers with dozens of installed extensions cannot self-audit or remove the threat without this information, exposing the structural trust problem in extension marketplaces.
Auto Manufacturers Refuse Buybacks for Vehicles With Multiple Safety Recalls
Consumers who purchase vehicles that accumulate multiple safety recalls within months of purchase cannot get the manufacturer to honor a buyback, leaving them financially bound to a defective and potentially dangerous vehicle. Lemon law protections exist on paper but manufacturers exploit procedural gaps and time requirements to avoid compliance. The consumer has no expedient remedy other than CFPB complaints or litigation.
Wave of retiring insurance agency owners with no succession plan
Approximately 30,000 US insurance agency owners are approaching retirement age with no formal succession plan in place and no pipeline of qualified buyers. The average agency owner is 59, creating a compressed timeline for exits that the current M&A infrastructure is not equipped to handle at scale. This creates a structural gap for acquisition platforms, brokers, and transition advisors.
Telecom Promotional Promises Go Unfulfilled and Overbilling Persists for Months
AT&T and similar carriers promise promotional credits during upgrades but fail to deliver them despite confirmed device returns, forcing months of fruitless support calls. Simultaneous overbilling compounds the financial harm. The dispute process is designed to exhaust customers into abandoning claims.
Early-stage founders lack CFO-quality financial insight without a full-time CFO
Founders spend hours monthly wrestling with spreadsheets and chasing bookkeepers to answer basic runway questions, especially at high-stakes moments like board meetings. CFO-level financial clarity is inaccessible to companies that can't afford a full-time hire.
No Alerts When Users Stop Converting — Infra Stays Green
Startups can lose users silently for hours when infra metrics look healthy but user-facing flows are broken. Existing monitoring tools alert on server errors and latency but miss behavioral anomalies like signup drop-offs or checkout abandonment. Engineering teams only discover these failures through manual review or user complaints.
SCA Tools Only Check CVEs and Miss Unmaintained or Abandoned Package Risk
Software composition analysis tools scan for known CVEs but fail to detect packages where maintainers have abandoned the project, creating silent supply chain risk. A lifecycle-aware dependency checker that flags EOL and abandoned packages fills a critical gap in application security workflows.
HomeAdvisor unverified leads and locked exit with steep cancellation penalties
HomeAdvisor provides leads that do not intend to hire, often have no real project, or are seeking free estimates only, and when contractors attempt to leave the platform they face cancellation fees up to $1,200. The service monetizes the lock-in rather than lead quality.
Insurance Companies Using Out-of-Market Comparables to Suppress Total Loss Payouts
When processing total loss claims, insurers systematically use vehicle comparables from distant markets and mismatched configurations to justify lower settlement offers. Even after regulators confirm valuation errors, insurers adjust other data points to maintain the same suppressed payout rather than correcting the figure. Policyholders lack independent tools to verify whether comparable vehicles used are geographically and configurationally appropriate.
Technical Hiring Signals Break Down When AI Can Solve Any Coding Challenge
Engineering managers struggle to evaluate developer candidates because AI tools can complete any algorithmic coding challenge on demand, nullifying the primary screening signal. The problem affects every tech company hiring engineers and is intensifying as AI coding tools improve. No broadly validated alternative evaluation framework has emerged yet.
Docker Containers Default to Excessive Capabilities and No Limits
Docker ships containers with the full default Linux capability set and no memory or PID limits, giving any compromised container far more system access than it needs. Most operators running self-hosted stacks never audit these defaults because nothing breaks — until it does. Dropping capabilities and setting resource ceilings is a straightforward mitigation that remains largely unknown outside security-specialist circles.
SaaS billing and feature entitlements require engineering for every change
SaaS products—particularly AI-native tools where costs scale with tokens or compute—cannot implement usage-based billing without significant custom code for metering, feature access gating, subscription state mirroring, and pricing change logic. The absence of a turnkey abstraction layer means every team solves the same engineering problem independently, with billing errors directly eroding margin in real time.
AI Coding Tools Systematically Miss Security Vulnerabilities in Generated Code
AI coding assistants like Claude Code and Cursor optimize for code that compiles, not code that is secure, consistently missing OWASP-class vulnerabilities like magic-byte validation gaps and SVG XSS. Security-focused MCP agents that enforce SDLC checkpoints at key development phases can catch what standard AI coding tools miss. This is a structural gap affecting any team using AI-assisted coding for production systems.
Customer Success Teams Drown in Context Hunting Across Fragmented Tools
Post-sales and customer success teams spend excessive time manually gathering account context from CRM, support, product, billing, and communication tools. This admin tax prevents proactive account management, leading to silent churn, missed upsells, and inability to monitor account health at scale. The problem is universal in recurring revenue businesses but underserved by accessible, affordable tooling.
Job seekers cannot effectively tailor resumes to pass ATS screening
Job seekers do not know how to rewrite their resumes to match specific job descriptions and pass Applicant Tracking Systems. Manually editing resumes for each application is time-consuming and most people lack the skills to self-diagnose what is wrong. The friction between a strong candidate and a successful ATS pass creates a large, addressable market.
Merchants lack guided evidence tools for chargeback disputes
Small merchants on PayPal, Square, or direct payment accounts face chargeback deadlines with no structured guidance on what evidence wins disputes. Existing solutions either require processor integration or take 20-25% of recovered revenue. A flat-fee, processor-agnostic evidence builder addresses a real and time-sensitive pain.
Knowledge workers cannot manage simultaneous AI agent sessions and human interruptions
As professionals run multiple AI agent sessions concurrently, they face compounding context-switch overhead from Slack messages, ad-hoc meeting requests, and agent status updates. No desktop-native orchestration layer exists to accept voice-dispatched task delegation while staying in flow. The problem is new and grows as agentic AI usage becomes standard in knowledge work.
Fintech apps that resist cancellation after email requests
Subscription fintech apps bury cancellation behind confusing navigation and ignore emailed cancellation requests, continuing to charge users. Customers who followed the documented process are still billed with no recourse except a bank dispute. FTC click-to-cancel rules exist but enforcement lags actual app behavior.
Telecoms Charge Customers for Returned Devices Despite Proof of Receipt
AT&T and similar carriers withdraw device return charges even when tracking confirms delivery and the carrier has already issued tax refunds proving receipt. Customers face repeated disputes with no automatic resolution path.