Mine was a security issue.
When I first got into backend programming, one of the first things I did was build my own authentication system (sign up, sign in, etc.)
And...I stored those passwords in plaintext. Yep.
But I learned from it later on, and now all my apps use hashes with salt to store the passwords.
It turns out Facebook had the same problem when it was first created...
...and they had one password that could be used by Facebook employees to sign in to any account. Yikes.
Quick tip: If you ever go to a website's "forgot password" page, and they email you your password, that website has terrible security.