Pwn2Own Berlin 2026 concluded on 16 May with DEVCORE Research Team claiming the Master of Pwn title, earning $505,000 across multiple successful exploits, including Orange Tsai’s three-bug Exchange SYSTEM RCE chain. The three-day event produced 47 unique zero-day vulnerabilities and distributed $1,298,250 in prizes across the competing research teams.
Final Leaderboard and Results
DEVCORE Research Team — Master of Pwn: 50.5 points, $505,000. Primary results: Exchange Server three-bug SYSTEM RCE chain ($200,000), plus additional exploits against Windows and other targets over the three days. DEVCORE’s Master of Pwn win continues a pattern of dominance by the Taiwanese research team, who have won or placed highly at multiple Pwn2Own competitions and whose prior Exchange research (ProxyLogon, ProxyShell) defined enterprise threat response priorities for 2021–2022.
STARLabs SG: $200,000 for the VMware ESXi cross-tenant code execution — the single highest-value award at the competition for one bug.
Total prizes awarded: $1,298,250 across all participants.
Total unique zero-days: 47, across Windows 11 (7 separate exploits including 4 distinct LPE chains), VMware ESXi, Microsoft Exchange Server, Oracle VirtualBox, Red Hat Enterprise Linux, SharePoint, Microsoft Edge, and the new AI products category (LM Studio, OpenAI Codex, Claude Code, and two other AI tools).
The 90-Day Vendor Patch Clock
Every vendor whose product was exploited at Pwn2Own received full technical details under the Zero Day Initiative’s responsible disclosure programme immediately after each successful demonstration. The 90-day patch deadline for Day 1 exploits runs to 12 August; Day 3 exploits to 14 August. ZDI can grant limited extensions for complex patches, but the standard expectation is that patches are released before the deadline.
When patches are released, exploit code will not be made public — but full technical details will be shared with ZDI and the disclosure timeline will be a matter of public record. This gives threat actors a known date after which patch-diffing and in-the-wild exploitation can be expected to begin, and leaves defenders only a narrow window between “patch released” and “exploitation begins”.
What 47 Zero-Days in Three Days Means
The volume and scope of Pwn2Own Berlin 2026 results carry several implications beyond the individual vulnerabilities:
Enterprise attack surface breadth: 47 unique, independently discovered zero-days across a curated set of enterprise products — all fully patched entering the competition — demonstrates that the attack surface in enterprise infrastructure is consistently larger than defenders assume. These are not obscure edge-case bugs; they are in products that every large enterprise runs.
Research economics now favour attackers: The $1.3M in prizes is large by competition standards, but nation-state programmes and criminal broker markets pay significantly more for the same bugs. The researchers competing at Pwn2Own are conducting their research legally and reporting responsibly. The implication is that adversaries with comparable resources and without the ethical constraint to disclose have similar findings that are not being reported.
AI tools are now a legitimate target category: The exploitation of five AI products in the inaugural AI category — including tools used directly in enterprise development pipelines — confirms that this is an attack surface security teams need to add to their scope.
Products Patching in the Coming 90 Days
Organisations should pre-plan emergency patch procedures for updates expected from: Microsoft (Exchange, Windows 11, Edge, SharePoint), Broadcom (VMware ESXi), Red Hat (RHEL), Oracle (VirtualBox), and AI tool vendors (LM Studio, others). Each patch, when released, should be treated with the urgency of a zero-day fix, given that the underlying vulnerabilities were publicly demonstrated.