Pwn2Own Berlin 2026: Critical Zero-Day Exploits Unveiled in Microsoft Exchange, Windows 11, and AI Platforms

The Pwn2Own Berlin 2026 security competition has brought to light a series of critical zero-day vulnerabilities across major software platforms, including Microsoft Exchange, Windows 11, and various AI development tools. Over the course of two days, security researchers demonstrated 39 unique zero-day exploits, earning a total of $908,750 in rewards.

Microsoft Exchange Remote Code Execution

A standout moment occurred when Orange Tsai of the DEVCORE Research Team successfully chained three vulnerabilities to achieve remote code execution (RCE) with SYSTEM privileges on Microsoft Exchange Server. This exploit earned Tsai $200,000, making it the highest-value exploit of the event. The implications are severe, as Exchange servers are central to enterprise communications: an attacker with SYSTEM-level access to one could read and intercept email, deploy malware across the organisation, or send mail as executives, with espionage and large-scale data breaches as the likely outcome.

Windows 11 Privilege Escalation

Windows 11 was also a focal point, with multiple successful exploits demonstrating privilege escalation vulnerabilities. On the first day, three independent researchers each earned $30,000 for uncovering such flaws. On the second day, Siyeon Wi exploited an integer overflow vulnerability, a reminder that even the latest Windows release remains exposed to this long-established bug class.

AI Development Tools Under Siege

AI and developer-focused tools emerged as significant targets. Cursor IDE was exploited twice by different teams, revealing multiple vulnerabilities in AI-assisted coding environments. Additionally, OpenAI Codex and LM Studio were compromised, underscoring the growing attack surface in AI development tools. These findings emphasize the necessity for enhanced security in AI platforms, which are increasingly integrated into critical development workflows.

Event Overview

Pwn2Own Berlin 2026, held at the OffensiveCon conference, saw researchers collect over $908,000 in prizes after demonstrating 39 unique zero-day vulnerabilities across various platforms, including Windows 11, Microsoft Exchange, Microsoft Edge, Red Hat Enterprise Linux, Nvidia infrastructure, and several AI platforms. The event reached full capacity for the first time in its 19-year history, with over 150 researchers turned away due to scheduling limits. All vendors have 90 days from disclosure to patch the flaws demonstrated at Pwn2Own.