Explore Problems
Showing 3,128 of 7,185 problems · matching your filters
No Minimum Release Age Control for Docker Image Updates Exposes Supply Chain Risk
Docker image update tools have no way to enforce a minimum release age before pulling new versions, leaving users vulnerable to compromised packages that are caught within days of release. Recent incidents with compromised maintainer accounts demonstrate that new releases are the highest-risk window. A cooldown period before auto-updating — already used in other dependency managers — is absent from Docker workflows.
Mortgage servicers calculate balances from incomplete payment records
Servicers claim loans are delinquent while admitting they lack complete payment history prior to a servicing transfer, apparently assuming little or no prior payments were credited. This produces inflated balances used to pursue foreclosure.
Solo founders lack real-time cash position visibility beyond revenue numbers
Solo founders and micro-SaaS operators track revenue but lack tools that show true cash health — accounting for deferred revenue, unpaid invoices, and upcoming liabilities. Existing bookkeeping software reports what happened, not what runway actually looks like. Founders make hiring and spending decisions on misleading numbers.
Crypto Exchange Failed to Freeze Account During Active 2FA Bypass Attack
A Kraken user's account was compromised via a 2FA bypass and the user contacted support in real time to request an account lock, but Kraken failed to act and unauthorized withdrawals were processed. This exposes a critical gap in real-time incident response capabilities at crypto exchanges. The problem is high-urgency and recurrent across the industry.
Bank denies debit fraud claim ignoring supplemental evidence
Wells Fargo denied a $12,000 debit card fraud claim for unauthorized transactions following card and device theft, ignoring supplemental evidence provided by the customer. The systematic denial of valid fraud claims shifts responsibility to victims and represents a major gap in consumer financial protection.
Credit Card Autopay Keeps Pulling Funds After a Cancellation Request
Cardholders who dispute incorrectly assessed interest and try to close their account find automatic payments still drawing from their bank account, despite phone representatives previously confirming a promotional period was still active. Revoking payment authorization proves difficult, leaving customers fighting ongoing withdrawals after the dispute has already begun.
User Feedback Scattered Across Tools Prevents Accurate Feature Prioritization
Product teams receive user feedback fragmented across spreadsheets, emails, DMs, and support tickets with no unified aggregation system. Duplicate requests from the same user problem are counted as separate signals, inflating priority for incorrect features. The inability to deduplicate and link feedback to user segments causes teams to build the wrong things.
ATS Systems Automatically Reject Qualified Candidates Before Any Human Reviews Their Resume
Applicant Tracking Systems filter out large numbers of qualified candidates based on keyword matching and formatting rules before any human ever sees the application. This shifts the job search from demonstrating capability to gaming ATS algorithms, disadvantaging candidates who do not know the rules. The result is a broken hiring funnel where the best candidate for a role may never reach the hiring manager.
Small Businesses Accumulate Underused AI Tool Subscriptions Without Consolidation
Small business owners trying to leverage AI end up subscribing to a dozen specialized tools — chat, agents, content, automation, websites — each with fixed monthly fees regardless of usage. The subscription sprawl compounds into significant overhead without delivering integrated value. Most SMBs lack technical resources to self-host or orchestrate these tools into a coherent workflow.
AI Resume Tools Produce Generic or Dishonest Job Applications
Job seekers using AI resume and cover letter tools receive output that either overstates qualifications or reads as obviously machine-generated, undermining their applications. The tools optimize for keyword density over authentic self-representation, which erodes recruiter trust. Candidates want AI assistance that enhances their genuine voice rather than replacing it with generic filler.
Mortgage servicers initiate foreclosure while loss mitigation review is active
Homeowners who submit loss mitigation applications to pause foreclosure proceedings find servicers simultaneously advancing the foreclosure, violating RESPA dual-tracking prohibitions. The process moves faster than any complaint or escalation path, leaving borrowers facing property seizure without legal recourse in time.
Penetration testing requires technical expertise and is too slow for most teams
Businesses need continuous security testing of websites, APIs, cloud infrastructure, and AI models but lack in-house technical expertise to run penetration tests, while manual ethical hacking is too slow and expensive. This structural accessibility gap in security testing leaves SMBs with undetected vulnerabilities in an era of increasing cyber threats.
AI coding agents require verbose text to identify UI elements from screenshots
Developers using AI coding assistants must write lengthy descriptions to reference specific UI elements in screenshots, since agents lack spatial annotation tooling. Clipboard context is often lost in chat interfaces. A point-and-annotate layer over screenshots would let developers pin precisely what they mean, dramatically reducing prompt friction.
Durable AI Agents Emit No Observability Events or Progress Traces
Long-running durable agents wrapped with framework abstractions emit no lifecycle hooks, stream callbacks, or status updates, making it impossible to monitor or debug them in production. Developers building agentic applications cannot display progress to end users or diagnose failures in tasks that run for extended periods. As agent-based architectures become more prevalent, the lack of observability primitives is a critical production blocker.
AI Sales Outreach Tools Optimize Email Copy But Not Lead Quality or Targeting
AI outreach tools focus exclusively on personalization and copywriting optimization, ignoring whether the underlying lead list is qualified. High-quality emails sent to wrong-fit prospects deliver no pipeline value, and no AI tool currently solves the lead qualification problem upstream of the copy.
Debt Collectors Cannot Be Verified as Legitimate Before Consumers Share Personal Information
Consumers receiving unexpected debt collection calls have no way to verify the collector is legitimate without providing personal information that could enable fraud. Single parents and elderly consumers are most vulnerable to scam collectors impersonating legitimate agencies. No publicly accessible debt verification service allows consumers to confirm debt validity before engaging.
Banks Fail to Resolve Disputes for Unauthorized Merchant Charges Despite Multiple Submissions
Wells Fargo failed to resolve disputes for charges from an unauthorized merchant despite multiple separate dispute submissions. The dispute cycle repeats without reaching resolution, leaving consumers liable for charges they never authorized. Banks rely on merchant confirmation rather than investigating whether the merchant was authorized by the account holder.
Credit Card Issuers Conduct Sham Dispute Investigations Providing Inconsistent Responses
Barclays provided contradictory responses during a credit dispute investigation, indicating a failure to conduct the reasonable investigation required under FCRA. Consumers have no enforcement mechanism when issuers provide arbitrary dispute outcomes. The inconsistency forces consumers to escalate to regulators rather than getting resolution directly from the issuer.
Cron Job Failures Go Undetected Until Production Incidents Occur
Scheduled cron jobs fail silently without alerting engineers, often going unnoticed until downstream systems break or users complain. Unlike web services with uptime monitors, cron jobs lack dedicated failure detection tooling that pages on-call engineers when expected executions do not complete. Teams running background jobs in production routinely lose sleep over undiscovered failures.
African payment integration requires 11 weeks of multi-provider engineering
E-commerce startups expanding across Africa must integrate separately with multiple regional payment providers, consuming 11+ weeks of engineering time before processing a single transaction. Each provider has distinct APIs, dashboards, and settlement flows with no unified abstraction layer available.