Pwn2Own Berlin 2026: Major Exploits Target Windows 11 and Microsoft Exchange
Severity: High (Score: 69.0)
Sources: Neowin, Securityaffairs.Co, www.zerodayinitiative.com, Cybersecuritynews, Bleepingcomputer
Summary
During the Pwn2Own Berlin 2026 event, held from May 14 to 16, security researchers exploited numerous zero-day vulnerabilities, earning over $900,000 in cash prizes. On the first day, 24 unique vulnerabilities were discovered, including multiple exploits against Windows 11 and Microsoft Edge, totaling $523,000. On the second day, 15 additional vulnerabilities were exploited, including significant flaws in Microsoft Exchange, bringing the total to 39 vulnerabilities and $908,750 awarded. Notable achievements included Orange Tsai's complex exploit for Microsoft Exchange, earning him $200,000. The competition emphasizes ethical hacking and incentivizes the discovery of vulnerabilities in enterprise technologies and AI systems. Vendors have 90 days to patch the disclosed vulnerabilities. The event showcases the ongoing challenges in securing modern software and highlights the need for robust security measures.
Key Points
- Pwn2Own Berlin 2026 awarded over $900,000 for 39 zero-day exploits across two days.
- Orange Tsai earned $200,000 for exploiting Microsoft Exchange using a complex attack chain.
- Vendors have 90 days to address the vulnerabilities disclosed during the competition.
Key Entities
- Zero-day Exploit (attack_type)
- Pwn2Own Berlin 2026 (campaign)
- United States (country)
- CWE-122 - Heap-based Buffer Overflow (cwe)
- CWE-190 - Integer Overflow or Wraparound (cwe)
- CWE-416 - Use After Free (cwe)
- CWE-862 - Missing Authorization (cwe)
- toolkit.in (domain)
- trendmicro.com (domain)
- T1068 - Exploitation for Privilege Escalation (mitre_attack)
- T1190 - Exploit Public-Facing Application (mitre_attack)
- Anthropic Claude Code (tool)
- Cursor AI Coding Agent (tool)
- LiteLLM (tool)
- OpenAI Codex (tool)
- Teams (tool)
- Apple MacBook Pro (platform)
- Apple Safari (platform)
- iOS 11.1 (platform)
- KVM (platform)
- LM Studio (platform)
- Cursor (company)
- Nvidia Container Toolkit Zero-day (vulnerability)
- OpenAI Codex Zero-day (vulnerability)