Zero-day | May 14, 2026

Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026

Pwn2Own Berlin 2026 day one: researchers exploit 24 zero-days in Windows 11, Edge, Linux, and AI tools for $523K.

Summary

At Pwn2Own Berlin 2026's first day, security researchers demonstrated 24 unique zero-day vulnerabilities across enterprise and AI technologies, earning $523,000 in cash awards. Highlights included Orange Tsai's $175,000 sandbox escape on Microsoft Edge via chained logic bugs, multiple Windows 11 privilege escalation exploits, and zero-days in AI/ML tools like LiteLLM, NVIDIA Megatron, OpenAI Codex, and Chroma. Vendors have 90 days to patch all disclosed flaws.

Full text

By Sergiu Gatlan, May 14, 2026 02:53 PM

On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days.

Today's highlight was the attempt of Cheng-Da Tsai (also known as Orange Tsai) of DEVCORE Research Team, who was awarded $175,000 in rewards after chaining 4 logic bugs to achieve a sandbox escape on Microsoft Edge.

Windows 11 was also hacked three times by Angelboy and TwinkleStar03 (working with the DEVCORE Internship Program), Marcin Wiązowski, and Kentaro Kawane of GMO Cybersecurity, each earning $30,000 in cash rewards for demonstrating new privilege escalation zero-days.

Valentina Palmiotti (chompie) of IBM X-Force Offensive Research (XOR) also collected $20,000 after rooting Red Hat Linux for Workstations and another $50,000 for a zero-day in the NVIDIA Container Toolkit.

Other successful attempts include k3vg3n chaining 3 bugs to take down LiteLLM ($40,000), Satoki Tsuji and haehae exploiting NVIDIA Megatron Bridge zero-days ($20,000), Compass Security and maitai of Doyensec hacking OpenAI's Codex coding agent (each earning $40,000), haehae dropping a Chroma zero-day ($20,000), and STARLabs SG an LM Studio zero-day ($40,000).

The DEVCORE Research Team is now leading the competition with $205,000, followed by Valentina Palmiotti with $70,000.

The Pwn2Own Berlin 2026 hacking contest, which focuses on enterprise technologies and artificial intelligence, takes place at the OffensiveCon conference from May 14 to May 16.

On the second day, the competitors will also attempt to exploit zero-days in Microsoft SharePoint, Microsoft Exchange, Windows 11, Apple Safari, Cursor, Red Hat Enterprise Linux for Workstations, LM Studio, OpenAI Codex, LiteLLM, Anthropic Claude Code, and Mozilla Firefox.

Security researchers targeting fully patched products in the web browser, virtualization, local privilege escalation, servers, enterprise applications, cloud-native/container, local inference, and LLM categories can earn over $1,000,000 in cash and prizes.

According to Pwn2Own's rules, all targeted devices run the latest operating system versions, and all entries must compromise the target and demonstrate arbitrary code execution.

After the zero-day flaws are disclosed during the Pwn2Own competition, vendors have 90 days to release security fixes for their software and hardware products.

Last year, Trend Micro's Zero Day Initiative awarded $1,078,750 for 29 zero-day vulnerabilities and some bug collisions.

Entities

Pwn2Own Berlin 2026 (campaign), Microsoft (vendor), NVIDIA (vendor), OpenAI (vendor), Red Hat (vendor), Windows 11 (product)