The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in prize money after exploiting 47 zero-day flaws.
The competition was held at the OffensiveCon conference from May 14th to May 16th and focused on enterprise technology and artificial intelligence.
Throughout the contest, hackers targeted fully patched products across the web browser, enterprise application, local privilege escalation, server, local inference, cloud-native/container, virtualization, and LLM categories.
Competitors used 24 zero-days on the first day to collect $523,000 in prize money, and on the second day they used 15 zero-days to collect an additional $385,750. On Day 3 of Pwn2Own, they earned another $389,500 for eight more zero-days.
DEVCORE won this year's Pwn2Own Berlin by hacking Microsoft SharePoint, Microsoft Exchange, Microsoft Edge, and Windows 11, earning 50.5 Master of Pwn points and $505,000 in prize money over the three-day competition. It was followed by STARLabs SG at $242,500 (25 points) and Out Of Bounds at $95,750 (12.75 points).

The highest prize in the contest, $200,000, went to Cheng-Da Tsai (aka Orange Tsai) of the DEVCORE research team, who chained together three bugs to achieve remote code execution with SYSTEM privileges in Microsoft Exchange.
On the first day, Orange Tsai won another $175,000 for a Microsoft Edge sandbox escape that chained four logic bugs, Windows 11 was hacked three times, and Valentina Palmiotti (chompie) from IBM X-Force Offensive Research earned $70,000 for rooting Red Hat Linux for Workstations and NVIDIA Container Toolkit with zero-days.
On the second day, hackers demonstrated another Windows 11 local privilege escalation vulnerability, a Red Hat Enterprise Linux for Workstations root privilege escalation vulnerability, and several AI coding agent zero-days.
On the third and final day of the contest, participants again hacked Windows 11 and Red Hat Enterprise Linux for Workstations and exploited VMware ESXi using a memory corruption bug.
After Pwn2Own ends, vendors will have 90 days to release security patches before Trend Micro's Zero Day Initiative (ZDI) publicly discloses the vulnerabilities.
Last year's Pwn2Own Berlin competition was won by the STAR Labs SG team, with ZDI awarding $1,078,750 for 29 zero-day flaws and some bug collisions.

