
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own


During the second day of Pwn2Own Berlin 2026, participants earned $385,750 in cash prizes by demonstrating 15 unique zero-day vulnerabilities across various products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations.

The competition, held at the OffensiveCon conference from May 13–16, focuses on enterprise technologies and artificial intelligence. Security researchers have the opportunity to win more than $1,000,000 in cash and prizes by successfully compromising fully patched systems in categories such as web browsers, enterprise applications, cloud-native and container environments, virtualization, local privilege escalation, servers, local inference, and large language models (LLMs).

Per the event rules, all target devices run the latest versions of their operating systems, and every entry must achieve full system compromise with arbitrary code execution. Vendors are given 90 days to patch their software and hardware once zero-days are disclosed at Pwn2Own.

The second day's standout performance came from Cheng-Da Tsai (Orange Tsai) of the DEVCORE Research Team, who earned $200,000 by chaining three bugs to achieve remote code execution with SYSTEM privileges on Microsoft Exchange. Siyeon Wi collected $783,500 for exploiting an integer overflow to compromise Windows 11. Ben Koo of Team DDOS earned a $10,220 prize by escalating to root on Red Hat Enterprise Linux for Workstations, while 211xDACA and Noam Trobishi used a use-after-free vulnerability to attack the NVIDIA Container Toolkit.

In the AI category, Le Duc Anh Vu of Viettel Cyber Security hacked the Cursor AI coding agent for $22,226, Sina Kheirkhah of Summoning Team demonstrated an OpenAI Codex zero-day worth $22,210, and Compass Security earned $75,032.50 by exploiting Cursor.

Pwn2Own leaderboard (ZDI)

On day one, Orange Tsai earned an additional $26,000 by chaining four logic bugs to escape the Microsoft Edge sandbox. Valentina Palmiotti (chompie) from IBM X-Force Offensive Research took home $20,000 for rooting Red Hat Enterprise Linux for Workstations and another $50,000 for an NVIDIA Container Toolkit zero-day. Windows 11 was compromised three times that same day by Angelboy and TwinkleStar03 (from the DEVCORE Internship Program), Kentaro Kawane of GMO Cybersecurity, and Marcin Wiązowski, with each earning $30,000 for demonstrating fresh privilege-escalation zero-days.

On the third day of Pwn2Own, participants will target Microsoft Windows 11, VMware ESXi, Red Hat Enterprise Linux, Microsoft SharePoint, and various AI coding agents. The complete day-two schedule and results, as well as the full Pwn2Own Berlin 2026 schedule, are published by the Zero Day Initiative.

At last year’s Pwn2Own Berlin event, Trend Micro’s Zero Day Initiative paid out $1,078,750 for 29 zero-day vulnerabilities and several bug collisions.


Source: BleepingComputer
