Pwn2Own Berlin 2026: Hackers Crack Windows 11 and Microsoft Exchange

Pwn2Own Berlin 2026: Microsoft Exchange and Windows 11 breached as researchers expose 39 zero-days

Pwn2Own Berlin 2026 has delivered one of the most intense cybersecurity showcases in the event’s history, with researchers earning more than $908,000 in rewards after demonstrating 39 unique zero-day vulnerabilities across the two days of competition confirmed so far.

Held during the OffensiveCon conference, the event put some of the world’s most widely used software and enterprise platforms under pressure. Among the biggest targets were Windows 11, Microsoft Exchange, Microsoft Edge, Red Hat Enterprise Linux, Nvidia infrastructure tools, and several AI-focused platforms.

The most dramatic moment so far came when Microsoft Exchange was compromised through a chain of vulnerabilities that resulted in remote code execution with SYSTEM privileges. The exploit earned a $200,000 payout, making it the highest-value demonstration of the competition at this stage.

Windows 11 was also a major focus throughout the first two days. The operating system was successfully hacked four times by different researchers, each using privilege escalation flaws to demonstrate how attackers could potentially gain higher-level access on a fully patched system.

On the first day alone, researchers earned $523,000 after revealing 24 zero-day vulnerabilities. One of the standout demonstrations involved Microsoft Edge, where a researcher chained four logic bugs to escape the browser’s sandbox and secure a $175,000 prize.

Windows 11 was breached three separate times on Day 1, with each successful exploit earning $30,000. Other major demonstrations targeted Nvidia Container Toolkit and Red Hat Enterprise Linux, with additional exploits shown against several AI and developer-focused tools, including LiteLLM, OpenAI Codex, Nvidia Megatron Bridge, Chroma, and LM Studio.

Day 2 continued the momentum, adding $385,750 in payouts across 15 new zero-days. The Microsoft Exchange exploit dominated the day, but Windows 11 was compromised again, and AI development tools remained a prominent target. The Cursor AI coding agent and OpenAI Codex were both successfully attacked, reinforcing growing concerns around the security of AI-assisted software platforms.

This year’s event also marked a milestone for Pwn2Own. For the first time in its 19-year history, the competition reached full capacity. More than 150 researchers were reportedly unable to participate because of scheduling limits, highlighting just how competitive and crowded the zero-day research space has become.

Some researchers who could not secure a slot chose to publicly disclose vulnerabilities rather than wait until the next event, a move that adds pressure on vendors and security teams to respond quickly.

As with all Pwn2Own events, vendors are given 90 days from disclosure to patch the vulnerabilities before technical details are made public. That timeline gives companies a limited window to protect users, enterprises, and infrastructure from potential real-world attacks.

The results from Pwn2Own Berlin 2026 underline an important reality: even fully patched systems from major technology companies can still contain serious security weaknesses. With Windows 11, Microsoft Exchange, browser sandboxes, Linux enterprise systems, Nvidia tools, and AI platforms all falling during the competition, the event serves as a powerful reminder of why proactive vulnerability research remains essential.

Day 3 results are still pending, meaning the final payout total and zero-day count could climb even higher before the competition officially concludes.