Pwn2Own Berlin 2026 opened with $523,000 in cash awards after researchers demonstrated 24 unique zero-days across Microsoft Edge, Windows 11, Red Hat Linux, NVIDIA software, and multiple AI and enterprise platforms. The event continues at OffensiveCon as teams target products from Microsoft, Apple, Google, OpenAI, Anthropic, and Mozilla, with vendors given 90 days to patch disclosed flaws. #Pwn2OwnBerlin2026 #MicrosoftEdge #Windows11 #RedHatLinux #NVIDIAContainerToolkit #OpenAI #AnthropicClaudeCode #MozillaFirefox
Keypoints
- Researchers earned $523,000 on day one by exploiting 24 unique zero-days.
- Orange Tsai won $175,000 for chaining four logic bugs to escape Microsoft Edge’s sandbox.
- Multiple teams hacked Windows 11 and received $30,000 each for new privilege escalation flaws.
- Valentina Palmiotti earned prizes for rooting Red Hat Linux for Workstations and targeting the NVIDIA Container Toolkit.
- Day two targets include Microsoft SharePoint, Microsoft Exchange, Apple Safari, Cursor, OpenAI Codex, LiteLLM, Anthropic Claude Code, and Mozilla Firefox.