
Pwn2Own Berlin 2026 - Windows 11 and Microsoft Exchange hacked

Pwn2Own Berlin 2026 paid out over $908,000 across 39 zero-days in two days, with Microsoft Exchange compromised for $200,000 and Windows 11 hacked four times.

Pwn2Own Berlin 2026 is wrapping up today at the OffensiveCon conference, and across two confirmed days the numbers are significant. Researchers have collected over $908,000 in prizes after demonstrating 39 unique zero-day vulnerabilities across Windows 11, Microsoft Exchange, Microsoft Edge, Red Hat Enterprise Linux, Nvidia infrastructure, and a string of AI platforms. Day 3 results are still to come.

Day 1 - Edge falls, Windows 11 hacked three times

Day 1 paid out $523,000 across 24 zero-days. The standout was Orange Tsai of the DEVCORE Research Team, who chained four logic bugs to escape the Microsoft Edge sandbox and earn $175,000 in a single demonstration. Windows 11 was hacked three separate times by three independent researchers, each earning $30,000 for privilege escalation zero-days. Valentina Palmiotti of IBM X-Force collected $70,000 across two separate exploits targeting the NVIDIA Container Toolkit and Red Hat Linux. The AI category was equally active: LiteLLM, OpenAI Codex, NVIDIA Megatron Bridge, Chroma, and LM Studio all fell on Day 1.

Day 2 - Exchange compromised for $200,000

Day 2 paid out $385,750 across 15 zero-days. Orange Tsai appeared again, this time chaining three bugs to gain remote code execution with SYSTEM privileges on a fully patched Microsoft Exchange Server, the single highest-earning exploit of the competition so far at $200,000. Windows 11 was hacked again on Day 2, as was the Cursor AI coding agent. OpenAI Codex was also targeted for a second time by a different researcher.

Capacity packed

The event hit capacity for the first time in its 19-year history. Over 150 researchers were turned away due to scheduling limits, with some dropping zero-days publicly rather than waiting for next year. All vendors have 90 days from disclosure to patch the flaws demonstrated at Pwn2Own.

Notebookcheck covered Google's confirmation of the first AI-developed zero-day earlier this month, in which an AI model wrote and deployed a functional exploit targeting a 2FA bypass in a widely used web administration tool.

Darryl Linington, 2026-05-16 (Update: 2026-05-16)