Explore Problems
Showing 957 of 6,868 problems · matching your filters
VSCode Extension Marketplace Breach Disclosure Withholds Extension Names
A malicious VSCode extension breached 3,800 GitHub repos, but breach disclosures do not name the specific extension. Developers with dozens of installed extensions cannot self-audit or remove the threat without this information, exposing the structural trust problem in extension marketplaces.
Auto Manufacturers Refuse Buybacks for Vehicles With Multiple Safety Recalls
Consumers who purchase vehicles that accumulate multiple safety recalls within months of purchase cannot get the manufacturer to honor a buyback, leaving them financially bound to a defective and potentially dangerous vehicle. Lemon law protections exist on paper but manufacturers exploit procedural gaps and time requirements to avoid compliance. The consumer has no expedient remedy other than CFPB complaints or litigation.
Wave of retiring insurance agency owners with no succession plan
Approximately 30,000 US insurance agency owners are approaching retirement age with no formal succession plan in place and no pipeline of qualified buyers. The average agency owner is 59, creating a compressed timeline for exits that the current M&A infrastructure is not equipped to handle at scale. This creates a structural gap for acquisition platforms, brokers, and transition advisors.
Telecom Promotional Promises Go Unfulfilled and Overbilling Persists for Months
AT&T and similar carriers promise promotional credits during upgrades but fail to deliver them despite confirmed device returns, forcing months of fruitless support calls. Simultaneous overbilling compounds the financial harm. The dispute process is designed to exhaust customers into abandoning claims.
Early-stage founders lack CFO-quality financial insight without a full-time CFO
Founders spend hours monthly wrestling with spreadsheets and chasing bookkeepers to answer basic runway questions, especially at high-stakes moments like board meetings. CFO-level financial clarity is inaccessible to companies that can't afford a full-time hire.
No Alerts When Users Stop Converting — Infra Stays Green
Startups can lose users silently for hours when infra metrics look healthy but user-facing flows are broken. Existing monitoring tools alert on server errors and latency but miss behavioral anomalies like signup drop-offs or checkout abandonment. Engineering teams only discover these failures through manual review or user complaints.
SCA Tools Only Check CVEs and Miss Unmaintained or Abandoned Package Risk
Software composition analysis tools scan for known CVEs but fail to detect packages where maintainers have abandoned the project, creating silent supply chain risk. A lifecycle-aware dependency checker that flags EOL and abandoned packages fills a critical gap in application security workflows.
HomeAdvisor unverified leads and locked exit with steep cancellation penalties
HomeAdvisor provides leads that do not intend to hire, often have no real project, or are seeking free estimates only, and when contractors attempt to leave the platform they face cancellation fees up to $1,200. The service monetizes the lock-in rather than lead quality.
Insurance Companies Using Out-of-Market Comparables to Suppress Total Loss Payouts
When processing total loss claims, insurers systematically use vehicle comparables from distant markets and mismatched configurations to justify lower settlement offers. Even after regulators confirm valuation errors, insurers adjust other data points to maintain the same suppressed payout rather than correcting the figure. Policyholders lack independent tools to verify whether comparable vehicles used are geographically and configurationally appropriate.
Bank automated fraud systems freeze accounts with no human override capability
Chase's Zelle fraud detection flagged routine family transfers, froze the customer's online access, and provided no mechanism for human agents to override the automated decision. Agents gave conflicting explanations and two hung up. The automated system operates outside human accountability — once flagged, customers have no escalation path that can actually unfreeze the account.
Phone scammers impersonate bank fraud departments to drain accounts
Fraudsters call bank customers posing as the fraud department, using social engineering to authorize account transfers. Banks provide no reliable way for customers to verify outbound calls are legitimate, and funds lost to this scam are rarely recovered. The structural gap is bank authentication infrastructure, not individual customer vigilance.
Bank Impersonation Scams Exploit Zelle for Irreversible Fund Theft
Fraudsters impersonating bank fraud departments instruct consumers to make Zelle transfers to recover allegedly stolen funds, causing the actual theft. Banks refuse to reverse these payments despite clear evidence of social engineering. The combination of real-time payment finality and inadequate bank fraud detection creates an unaddressed consumer protection gap.
AI agents can leak credentials without a security checkpoint
AI agents operating autonomously can inadvertently expose sensitive credentials during task execution, with no built-in guardrail to catch this before damage occurs. A builder created a checkpoint tool after experiencing this firsthand, highlighting a systemic gap in agentic AI security tooling.
Small Businesses Cannot Afford Security Guidance or Risk Assessment
Small businesses routinely handle sensitive customer data without any security program, policy, or expert guidance because enterprise security consulting is priced out of reach. Without a dedicated CISO or consultant, SMBs have no way to prioritize risks, respond to incidents, or meet client security expectations. A gap exists between free generic checklists and expensive enterprise compliance tools.
Netlify Takes Down Live Sites (Not Just Deploys) When Credits Expire
Netlify penalizes free-tier users by taking down live sites entirely when deploy credits run out, with no warning and no way to purchase credits without upgrading to paid plans. Two-factor authentication bugs can then lock developers out of their own accounts with no recourse. This creates a developer hostage scenario where the only escape is paying or losing access permanently.
Intercompany Matching and Eliminations Consume 3-5 Days of Every Financial Close Cycle
Multi-entity finance teams spend 3-5 days per close cycle manually matching intercompany transactions and performing eliminations across multiple rule types. This bottleneck delays financial reporting and creates significant error risk, with no purpose-built AI automation addressing the full workflow.
AI systems leak user data through indirect prompt injection
LLM-integrated applications can expose user data to third parties even when users provide no malicious input, due to prompt injection via untrusted content or model memorization. This is a structural vulnerability in how AI is embedded in SaaS products. Every team deploying LLMs without robust output filtering is at risk.
African developers blocked from AI APIs by Stripe-only payments and regional access barriers
Developers across Africa cannot access major AI APIs due to Stripe's limited African card support, regional access blocks requiring VPN workarounds, and high minimum payment thresholds. The barrier is payment infrastructure, not capability or demand. As Africa's developer population grows rapidly, the exclusion from global AI tooling compounds disadvantage.
Subscription charge continues after bank-confirmed payment method removal
Consumers remove payment methods through bank customer service but merchants retain pull authorization and continue charging. Bank confirmation of removal does not revoke merchant-stored payment credentials. The subscription economy lacks a reliable consumer-side cancellation enforcement mechanism.
Users Want Capable AI Without Cloud Subscriptions or Internet Dependency
Recurring subscription costs and mandatory cloud connectivity frustrate users who want reliable AI tools they can own outright. Existing local AI options like Ollama require significant technical setup, leaving non-developers without a practical offline alternative. Demand is growing as subscription fatigue intensifies across the consumer AI market.