Pwn2Own Berlin 2026 has come to an finish, and contributors earned a complete of practically $1.3 millon for exploits concentrating on Home windows, Linux, VMware, Nvidia, and AI merchandise.
In response to TrendAI’s Zero Day Initiative (ZDI), white hat hackers have been awarded $1,298,250 for 47 distinctive vulnerabilities. Almost $750,000 of the overall quantity was gained by the primary two groups: Devcore and StarLabs SG.
The 2 groups additionally obtained the very best payouts for a single exploit chain. Devcore earned $200,000 for a distant code execution exploit with System privileges on Microsoft Trade, and $175,000 for a Microsoft Edge sandbox escape. It additionally obtained $100,000 for exploiting Microsoft SharePoint.
StarLabs SG gained $200,000 for a VMware ESX exploit that included a cross-tenant code execution add-on. VMware was on the occasion and famous final week that Pwn2Own contributors can earn as much as $200,000 for ESX exploits.
The third-place staff, Out Of Bounds, earned a complete of $95,750.
Unsurprisingly, there have been many profitable makes an attempt within the AI product class. Contributors earned $40,000 rewards for hacking LiteLLM, OpenAI Codex, and LM Studio.
Cursor exploits earned $15,000 and $30,000, whereas an Ollama exploit earned researchers $28,000 (the exploit included a identified vulnerability). $20,000 bounties had been obtained by Pwn2Own contributors for OpenAI Codex, Claude Code, LM Studio, NVIDIA Megatron Bridge, and Chroma vulnerabilities.
Between $2,500 and $50,000 was earned for numerous exploits concentrating on Crimson Hat Linux, Home windows 11, NVIDIA Megatron Bridge, and NVIDIA Container Toolkit.
There have been eight failed makes an attempt. They focused Oracle Autonomous AI Database, NV Container Toolkit, OpenAI Codex, Safari, SharePoint, Crimson Hat Enterprise Linux for Workstations, Firefox, and VMware ESX.
Worldwide Cyber Digest reported that a number of groups had been unable to enroll in Pwn2Own as a result of all time slots had been already taken. Some white hat hackers who couldn’t register determined to reveal their findings on to distributors, and a few have begun publicly disclosing their exploits.
