Explore Problems
Showing 1,188 of 6,868 problems · matching your filters
Banking apps show transactions but provide no actionable spending intelligence
Most banking and personal finance apps display raw transaction lists without analyzing patterns, trends, or behavioral insights. Users cannot identify where their money actually goes without manual categorization in separate tools. The gap between data display and financial intelligence leaves the majority of banking customers without practical guidance.
Malicious VSCode Extensions Can Breach Thousands of GitHub Repositories
A single malicious VSCode extension compromised 3,800 GitHub repositories, exposing a critical gap in extension marketplace security vetting. The extension marketplace provides no meaningful safety signals, leaving developers unable to assess extension trustworthiness at install time.
npm Ecosystem Silently Executes Malicious Code via Transitive Dependencies
Every npm install is an implicit trust decision across hundreds of packages, any of which can execute arbitrary code via postinstall hooks with no user confirmation. The Axios backdoor attack demonstrated this at 80M weekly download scale, with sophisticated obfuscation and self-cleanup. Existing tools like Snyk detect known vulnerabilities but do not prevent silent postinstall execution from newly compromised accounts.
MCP Servers Inject Context Tokens on Every Message Even When Not Used
Every configured MCP server injects tokens into the context window on each message, regardless of whether that server is needed for the current task. As developers add more MCP servers, context window bloat becomes severe and reduces effective model capacity. No selective MCP loading mechanism exists to activate servers only when relevant.
Cloud AI Coding Agents Require Sharing Codebases; Local Models Lack Performance
Developers using cloud-based AI coding agents like Cursor, Codex, or Claude must expose their codebase to training pipelines. Switching to local models for privacy eliminates the performance needed for real coding tasks. No tool currently solves both privacy and performance simultaneously.
Air-Gapped Networks Have No Passive Threat Detection Without Active Scanning Risk
Security teams protecting air-gapped environments — defense, ICS, nuclear — cannot use conventional network detection tools that require active probes, which risk triggering false alerts or disrupting critical operations. Passive monitoring that can identify C2 beacons and DNS generation algorithm traffic without sending any packets is absent from the market. This leaves some of the highest-value targets with a fundamental detection blind spot.
Phone Theft Enables Immediate High-Value Zelle and Venmo Fraud Banks Refuse to Refund
Thieves who steal unlocked phones can immediately execute thousands of dollars in Zelle and Venmo transfers before the owner can react. Payment apps treat physical phone possession as sufficient authorization, creating a structural gap where theft of a device equals theft of funds. Banks and payment platforms systematically deny fraud refunds for these transactions because the device was used directly.
Bank security alert systems fail to fire during active account takeover via phishing
Customers who configure bank security alerts for new device logins and failed password attempts receive no notifications when fraudsters are actively taking over their accounts via phishing. Alert systems that customers rely on as a safety net fail silently at exactly the moment they are needed. The combination of caller ID spoofing and alert failure gives attackers undetected access windows long enough to drain accounts.
Salesforce Locks Essential CRM Features Behind Expensive Add-On Tiers
Salesforce's pricing model places many of its most valuable features in premium add-on tiers, making the true cost of a functional deployment far higher than base plan pricing suggests. This tiered gating disproportionately affects mid-market companies that need advanced capabilities but cannot justify enterprise pricing. The practice has driven sustained interest in CRM alternatives with more transparent feature bundling.
Insurance policies lapse silently due to payment system errors
Autopay failures on insurance policies trigger silent policy cancellations with no customer notification, leaving homeowners unknowingly uninsured for months. The failure is compounded by siloed internal systems that prevent even the insurer's own support staff from diagnosing what happened.
AI coding agents need full-computer sandboxes with memory forking and sub-second startup
AI coding agents require sandbox environments with full operating system capabilities — not lightweight containers — including the ability to fork running memory state to explore multiple execution paths simultaneously and snapshot mid-execution for later resumption. Existing container and VM solutions are either too slow to start, too limited in capability, or cannot fork state without pausing the entire environment. This missing infrastructure capability prevents entire categories of sophisticated agentic behavior.
Slack Notification Volume Overwhelms Users With Irrelevant Alerts From Unrelated Channels
Slack delivers notifications for every channel event including conversations that have nothing to do with the recipient, making focused work impossible. Calendar and cross-team notifications arrive without relevance filtering, creating constant cognitive interruptions. Paying subscribers have no effective mechanism to filter notifications to only relevant events.
Insurance Policies Deliberately Obscured With Jargon, Clauses Hidden Until Claims
Insurance contracts are routinely 50+ pages of dense legal language that consumers cannot meaningfully understand before signing. Critical exclusions and limitations only become apparent when a claim is filed and denied. This information asymmetry is structural and benefits insurers at the expense of policyholders.
Mortgage Servicers Proceed to Foreclosure Track After Verbally Approving Forbearance
Homeowners experiencing documented financial hardship who proactively request forbearance receive verbal approvals that are never formally processed, while the servicer simultaneously initiates foreclosure proceedings. The absence of written confirmation requirements and the 30+ day processing lag leaves current-account homeowners in a foreclosure pipeline they cannot exit. No real-time status visibility exists between borrower application and servicer processing systems.
Zelle scammers impersonate bank support agents to extract multiple payments
Fraudsters impersonate bank customer service representatives and convince victims to send multiple Zelle payments under the pretense of processing a legitimate transfer. By the time victims recognize the scam, multiple payments have cleared and Zelle's no-recourse policy leaves them with no recovery path. Banks decline to intervene because the payments were technically authorized by the account holder.
Medical reports written in clinical language patients cannot understand
Patients receive MRI results, CT scans, pathology reports, and discharge summaries written for clinicians, not patients. The technical language creates anxiety and prevents informed health decisions. As self-service patient portals grow, this gap between clinical documentation and patient comprehension widens.
Banks Disburse Auto Loans to Unverified Dealerships, Enabling Purchase Fraud
Banks process auto loan disbursements without verifying that the receiving entity is a real, registered dealership — enabling fraudulent dealers to receive funds for vehicles that are never delivered. Borrowers are left with active loan obligations for cars they never received, with the bank accepting no responsibility for the disbursement failure.
Bank of America Processes Unauthorized ACH Withdrawals After Written Revocation
Bank of America continued debiting a consumer's account after receiving a written revocation notice, ignoring the legal instruction and extracting funds without authorization. High mention count and upvotes confirm this is a widespread systemic failure at major banks.
Intercom Pricing Is Prohibitive for Startups and Small Businesses
Intercom charges per AI resolution ($0.99/resolution for Fin) on top of base subscription costs, making it unaffordable for small teams. Advanced features locked behind higher tiers further restrict smaller companies from getting full value.
Phone Scammers Impersonate Banks and FBI to Drain Accounts via Zelle
Criminals impersonate bank representatives and FBI agents via phone to manipulate consumers into transferring funds via Zelle. Once sent, Zelle payments are irreversible and banks typically refuse to reimburse victims of social engineering.