The record-breaking cyber security competition Pwn2Own 2026 concluded in Berlin as part of the OffensiveCon conference, officially wrapping up on May 16. Participants uncovered 39 critical zero-day vulnerabilities, earning a combined total of over $908,000, with the most high-profile targets being Windows 11 and Microsoft Exchange.
The first day of the tournament brought experts $523,000 for discovering 24 hidden software security flaws. Cybersecurity researcher Orange Tsai from the prominent DEVCORE team became the real star of this stage by brilliantly hacking the security of the popular Microsoft Edge browser. The specialist managed to construct a unique chain of four sequential logical errors to completely escape the browser’s isolated sandbox, earning a $175,000 reward from the organizers.
On the same day, Windows 11 suffered three independent hacks – each expert earned $30,000 for disclosing zero-day vulnerabilities that allow privilege escalation. Additionally, Valentina Palmiotti from the IBM X-Force team received $70,000 for successful attacks on the NVIDIA Container Toolkit and Red Hat Linux. In the AI category, successful exploits were also demonstrated against OpenAI Codex, LiteLLM, NVIDIA Megatron Bridge, Chroma, and LM Studio.
The second day of the competition brought 15 new vulnerabilities with total rewards amounting to $385,750. The largest prize of $200,000 was again claimed by Orange Tsai, who combined three bugs for remote code execution with SYSTEM privileges on a fully updated Microsoft Exchange server. During the same day, Windows 11 was compromised once more, along with the Cursor AI programming assistant and the OpenAI Codex model, which became a successful target for the second time.
This year, the contest reached its maximum capacity of participants for the first time, while more than 150 researchers could not participate due to schedule constraints. A portion of the cyber experts decided to publish their discovered zero-day vulnerabilities in the public domain immediately. Now, according to the rules, all companies have exactly 90 days to patch the demonstrated security flaws.
Earlier this month, the first case was confirmed where artificial intelligence independently created and executed an exploit aimed at bypassing two-factor authentication in a popular web-administrative tool. This milestone highlights a completely new level of risks associated with the deployment of AI in the field of cybersecurity.

