Brink doesn't sell coverage of a CVE list. It sells coverage of the bug shapes that actually own apps in 2026 — the ones a scanner finds zero of. This is the catalog, the agent that owns each one, and the funnel every finding has to clear before it reaches you.
Authorization checks that miss when the object id is in a header, query string, or a JSON body field the framework auto-parses. The biggest single bucket of real exploits, and the one quarterly pentests miss most often because reproducing one requires two synthetic accounts in the right state.
The endpoint that nobody added a guard to because it was meant to be internal. JWTs with `alg: none`, accepting unsigned tokens, trusting a header that the load balancer was supposed to strip. Severity skews critical — these are the ones that page on-call.
Any feature that asks the server to fetch a URL on the user's behalf — webhook test buttons, image proxies, link previews, oembed unfurlers, PDF generators. The agent enumerates them, points them at IMDS, and reads the cloud creds back.
Two requests in the right window beat a check that was meant to fire once. Coupon redemption, refund issuance, balance transfers, account-lock counters. The agent uses single-packet attack techniques to land bursts inside a few milliseconds.
XSS on its own is a finding. XSS that lands a payload in the same DOM where an admin reviews user content, and chains to a session-token exfil or a privileged action, is an incident. The agent looks for the chain, not the alert.
The bugs scanners can't see because there's no signature — the API does exactly what it says, just in an order or quantity the product team never imagined. Refund the same charge twice. Stack referral bonuses. Escalate via the verb a sibling endpoint forgot to authorize.
Anywhere the app shows the user something it was supposed to keep server-side: HTML comments with debug payloads, API responses that include a `provider_secret` for the wrong tenant, JS bundles with embedded keys from a half-finished feature flag.
The session model has rules — short-lived access token, single-use refresh, idle timeout, IP binding. Each rule is enforced somewhere. The agent looks for the requests that escape one of them and chains the others.
Everything we ship is "validator-confirmed" — the finding reproduces against a real synthetic account, the PoC runs clean a second time, and a human-readable severity is assigned. We don't surface "potential" or "low-confidence" findings because we don't ship them to your inbox either. Once we're running against live targets we intend to publish transparency reports — false-positive rate by family, MTTR for fix PRs — at /blog.