Back

Pwn2Own Berlin 2026: Microsoft Edge and Windows 11 Exploited by Ethical Hackers

Severity: High (Score: 67.5)

Sources: www.zerodayinitiative.com, Bleepingcomputer, Gbhackers

Summary

During the first day of Pwn2Own Berlin 2026 on May 14, security researchers exploited 24 unique zero-day vulnerabilities, earning $523,000 in rewards. Notable hacks included a sandbox escape on Microsoft Edge by Orange Tsai, who received $175,000. Windows 11 was compromised three times, with researchers earning $30,000 each for privilege escalation exploits. Other targets included LiteLLM and NVIDIA platforms, with various researchers demonstrating significant vulnerabilities. The competition, which runs until May 16, aims to expose flaws in enterprise technologies and AI systems. Competitors are targeting fully patched systems, and vendors have 90 days to address disclosed vulnerabilities. The DEVCORE Research Team leads the competition with $205,000 in earnings. Key Points: • 24 unique zero-day vulnerabilities were exploited, earning $523,000 in total. • Microsoft Edge and Windows 11 were among the primary targets, with multiple successful exploits. • The competition runs until May 16, focusing on enterprise technologies and AI systems.

Key Entities

  • Zero-day Exploit (attack_type)
  • United States (country)
  • trendmicro.com (domain)
  • [email protected] (email)
  • Anthropic Claude Code (tool)
  • LiteLLM (tool)
  • OpenAI Codex (tool)
  • Apple MacBook Pro (platform)
  • Apple Safari (platform)
  • KVM (platform)
  • LM Studio (platform)
  • MacOS Tahoe (platform)
  • Cursor (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed