Pwn2Own Berlin 2026 Nets $385,750 From Windows 11

Day two of Pwn2Own Berlin 2026 at OffensiveCon brought $385,750 in cash awards after competitors exploited 15 unique zero-day vulnerabilities across Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations—plus new wins in the AI coding ag
On the second day of Pwn2Own Berlin 2026, competitors didn’t just prove vulnerabilities existed—they showed they could turn them into code execution in fully patched enterprise environments, racking up $385,750 in cash awards across 15 zero-day exploits.
The tests unfolded during OffensiveCon, where the contest runs from May 14 to May 16 and focuses on enterprise technologies and artificial intelligence. Under Pwn2Own’s rules, every targeted device must be running the latest operating system versions, and each entry has to compromise the target and demonstrate arbitrary code execution.
After a zero-day is disclosed, vendors have 90 days to patch their software and hardware—an unusually tight timeline given what the day’s winners demonstrated. Organizers say researchers can earn more than $1,000,000 in cash and prizes by targeting categories ranging from web browsers and enterprise applications to cloud-native or container environments, virtualization, local privilege escalation, servers, and even local inference and LLM-related work.
The standout moment came from Cheng-Da Tsai, also known as Orange Tsai of the DEVCORE Research Team. He collected $200,000 by chaining three bugs to achieve remote code execution on Microsoft Exchange with SYSTEM privileges.
Windows 11 also drew attention, with Siyeon Wi earning $7,500 after exploiting an integer overflow bug. Privilege escalation was a theme on Linux as well: Ben Koo of Team DDOS escalated privileges to root on Red Hat Enterprise Linux for Workstations, taking home a $10,000 cash prize.
The day wasn’t limited to classic OS targets. 0xDACA and Noam Trobishi used a use-after-free bug to exploit the NVIDIA Container Toolkit, underscoring how container-adjacent components remain high-value targets in enterprise setups.
In the AI category, hacking didn’t stop at traditional software. Le Duc Anh Vu of Viettel Cyber Security hacked the Cursor AI coding agent for $30,000. Sina Kheirkhah of the Summoning Team demoed an OpenAI Codex zero-day for $20,000, while Compass Security exploited Cursor for $15,000.
Earlier momentum had already been built on day one. Orange Tsai earned another $175,000 by chaining 4 logic bugs to escape the Microsoft Edge sandbox, while Valentina Palmiotti, known as chompie, of IBM X-Force Offensive Research collected $20,000 for rooting Red Hat Linux for Workstations and $50,000 for an NVIDIA Container Toolkit zero-day.
Windows 11 was also hacked three times on day one—by Angelboy and TwinkleStar03 (working with the DEVCORE Internship Program), Kentaro Kawane of GMO Cybersecurity, and Marcin Wiązowski—each receiving $30,000 for privilege-escalation zero-days.
Day three will escalate the pressure further. Organizers say the next round of targets includes Microsoft Windows 11, VMware ESXi, Red Hat Enterprise Linux, Microsoft SharePoint, and several AI coding agents.
Pwn2Own Berlin 2026’s second-day results add to the broader contest legacy: during last year’s Pwn2Own Berlin event, Trend Micro’s Zero Day Initiative awarded $1,078,750 for 29 zero-day flaws and some bug collisions.
So… Windows 11 is still basically a bug factory huh.
I don’t get this at all, like they pay people to hack Exchange and Linux and then act surprised it can be hacked. Also “90 days to patch” sounds like it should be longer? I feel like businesses won’t patch fast enough anyway.
Wait, they said fully patched and still got remote code execution?? That’s terrifying. I saw “SYSTEM privileges” and immediately assumed it was basically malware already written. How is that even allowed if it’s “latest” software?
The AI coding thing part is what’s weird to me. Like they’re hacking Windows AND talking about LLM inference and stuff… next thing you know it’s gonna be “pwn2own but for your smart fridge.” Jokes aside, $385k is a lot but I’m still stuck on Exchange being targeted like that. I thought patched enterprise meant safe, guess not.