Back

Pwn2Own Berlin 2026: Major Exploits on Windows 11 and Microsoft Edge

Severity: High (Score: 69.5)

Sources: www.zerodayinitiative.com, Bleepingcomputer, Gbhackers, Cybersecuritynews

Summary

During the Pwn2Own Berlin 2026 contest, security researchers exploited 24 unique zero-day vulnerabilities, earning $523,000 in total rewards. Key targets included Microsoft Edge and Windows 11, with notable exploits involving sandbox escapes and privilege escalation. Orange Tsai led with a $175,000 reward for chaining four logic bugs. Other successful exploits included attacks on LiteLLM and NVIDIA platforms. The contest, running from May 14 to May 16, focuses on enterprise technologies and AI systems. Competitors are expected to target additional software, including Microsoft SharePoint and Apple Safari, on subsequent days. Vendors have 90 days to address the disclosed vulnerabilities. Key Points: • 24 zero-day vulnerabilities exploited, totaling $523,000 in rewards. • Microsoft Edge and Windows 11 were primary targets, with multiple successful hacks. • Contest runs until May 16, 2026, with more exploits planned against various software.

Key Entities

  • Zero-day Exploit (attack_type)
  • Pwn2Own Berlin 2026 (campaign)
  • United States (country)
  • trendmicro.com (domain)
  • [email protected] (email)
  • Anthropic Claude Code (tool)
  • LiteLLM (tool)
  • OpenAI Codex (tool)
  • Apple MacBook Pro (platform)
  • Apple Safari (platform)
  • KVM (platform)
  • LM Studio (platform)
  • MacOS Tahoe (platform)
  • Cursor (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed