Microsoft Edge sandbox escape and Windows 11 privilege escalation zero-days demonstrated at Pwn2Own Berlin 2026
Summary
Security researchers at Pwn2Own Berlin 2026, held from May 14 to May 16, 2026, demonstrated 47 unique zero-day exploits across enterprise technologies, AI systems, and virtualization platforms, earning $1.3 million in total rewards—up from the initially reported 39 exploits and $908,750 in prizes. Orange Tsai (DEVCORE Research Team) achieved SYSTEM-level remote code execution on Microsoft Exchange and a sandbox escape in Microsoft Edge via chained logic and memory corruption bugs, earning $375,000 in total. The Devcore Research Team became the overall competition winner with $505,000 in earnings after new exploits were reported, including a $100,000 Microsoft SharePoint chain by "splitline" and a $200,000 VMware ESXi cross-tenant code execution by Nguyen Hoang Thach of STARLabs SG. Six independent teams demonstrated Windows 11 privilege escalation zero-days, with awards ranging from $7,500 to $30,000. The event emphasized AI-focused targets for the first time, including coding agents (Cursor, Claude Code, OpenAI Codex), AI databases (Chroma, Postgres pgvector, Oracle Autonomous AI Database), and NVIDIA infrastructure (Megatron Bridge, NV Container Toolkit, Dynamo). All exploited vulnerabilities required arbitrary code execution on fully patched systems under Pwn2Own rules. Vendors were given 90 days to address disclosed zero-days before public disclosure.
Timeline
- 14.05.2026 21:53 (3 articles)
  Pwn2Own Berlin 2026: Day 1 zero-day demonstrations include Microsoft Edge sandbox escape and Windows 11 privilege escalation exploits
  Updated totals and new exploit details refine earlier reporting. The total number of unique zero-day exploits is revised upward to 47, with prizes totaling approximately $1.3 million. The Devcore Research Team wins the competition with $505,000 in earnings after new exploits are accounted for, including a $100,000 Microsoft SharePoint chain by "splitline" (chaining two bugs) and a $200,000 VMware ESXi cross-tenant code execution by Nguyen Hoang Thach of STARLabs SG (using a memory corruption bug). The AI focus is clarified to include coding agents (Cursor, Claude Code, OpenAI Codex) for the first time, alongside AI databases (Chroma, Postgres pgvector, Oracle Autonomous AI Database) and NVIDIA infrastructure targets (Megatron Bridge, NV Container Toolkit, Dynamo). All entries maintained the requirement of arbitrary code execution on fully patched systems under Pwn2Own rules.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
Information Snippets
- Orange Tsai chained four logic bugs to achieve a sandbox escape in Microsoft Edge, earning $175,000 in cash rewards.
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- Windows 11 privilege escalation zero-days were demonstrated by three independent teams: Angelboy and TwinkleStar03 (DEVCORE Internship Program), Marcin Wiązowski, and Kentaro Kawane (GMO Cybersecurity), each earning $30,000.
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- Valentina Palmiotti (IBM X-Force XOR) earned $20,000 for rooting Red Hat Linux for Workstations and an additional $50,000 for a zero-day in the NVIDIA Container Toolkit.
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- Other notable exploits included k3vg3n chaining three bugs to compromise LiteLLM ($40,000), Satoki Tsuji and haehae exploiting NVIDIA Megatron Bridge zero-days ($20,000), and Compass Security and maitai (Doyensec) hacking OpenAI’s Codex coding agent ($40,000 each).
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- haehae demonstrated a Chroma zero-day ($20,000) and STARLabs SG presented a zero-day in LM Studio ($40,000).
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- The DEVCORE Research Team led the competition with $205,000 in earnings, followed by Valentina Palmiotti with $70,000.
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- All targeted exploits required arbitrary code execution on fully patched systems under Pwn2Own rules. Vendors receive 90 days to address disclosed zero-days after the competition.
  First reported: 14.05.2026 21:53 (1 source, 1 article)
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- Cheng-Da Tsai (Orange Tsai) of DEVCORE Research Team earned $200,000 after chaining three bugs to gain remote code execution with SYSTEM privileges on Microsoft Exchange during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- Siyeon Wi exploited an integer overflow bug to hack Windows 11, earning $7,500 during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- Ben Koo of Team DDOS escalated privileges to root on Red Hat Enterprise Linux for Workstations, earning $10,000 during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- 0xDACA and Noam Trobishi exploited a use-after-free bug in the NVIDIA Container Toolkit during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- Le Duc Anh Vu of Viettel Cyber Security hacked the Cursor AI coding agent for $30,000 in the AI category during Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- Sina Kheirkhah of Summoning Team demonstrated an OpenAI Codex zero-day for $20,000 during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- Compass Security exploited the Cursor AI coding agent for $15,000 during the second day of Pwn2Own Berlin 2026.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- The second day of Pwn2Own Berlin 2026 featured 15 unique zero-day vulnerabilities exploited across Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations, with $385,750 in cash awards distributed.
  First reported: 15.05.2026 20:47 (1 source, 1 article)
  - Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own — www.bleepingcomputer.com — 15.05.2026 20:47
- The Pwn2Own Berlin 2026 competition awarded close to $1.3 million for 47 zero-day vulnerabilities, up from the initially reported 39 exploits.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
- The Devcore Research Team won the event with $505,000 in total earnings, surpassing the previously reported $205,000.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
- Nguyen Hoang Thach of STARLabs SG earned $200,000 for exploiting VMware ESXi with cross-tenant code execution using a memory corruption bug, a previously unreported exploit at this event.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
- "splitline" of Devcore Research Team earned $100,000 for chaining two bugs to exploit Microsoft SharePoint, a new exploit not previously detailed in other sources.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
- The competition had a stronger focus on AI systems, including AI databases (Chroma, Postgres pgvector, Oracle Autonomous AI Database) and coding agents (Cursor, Claude Code, OpenAI Codex), with coding agents being featured for the first time.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
- Competitors targeted NVIDIA products including Megatron Bridge, NV Container Toolkit, and Dynamo, expanding beyond earlier reports.
  First reported: 18.05.2026 12:45 (1 source, 1 article)
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45
Similar Happenings
Autonomous validation loop becomes critical as AI-driven attacks reach machine-speed execution
In April 2026, an AI system codenamed Mythos, operating within a restricted sandbox, autonomously generated 181 working Firefox exploits within 14 days, including previously unknown zero-days affecting major operating systems and browsers; over 99% of these vulnerabilities remain unpatched in production environments. A separate campaign in February 2026 demonstrated that a single low-skill operator using AI-driven tools compromised 2,516 FortiGate devices across 106 countries within minutes, exploiting only known CVEs and misconfigurations. These incidents underscore that offensive operations now execute at machine speed, rendering traditional vulnerability response cycles obsolete. Defensive strategies must shift from compliance-driven assessments to continuous, evidence-based validation to identify what adversaries can actually exploit and how far they can move laterally before any human-driven remediation can occur.
Critical RCE and EoP vulnerabilities in Microsoft products addressed in May Patch Tuesday
Microsoft’s May 2026 Patch Tuesday addressed 138 CVEs, including 30 Critical-rated vulnerabilities, across its product portfolio, with 16 flaws discovered using the AI-driven MDASH system. Key flaws include CVE-2026-41089 (Windows Netlogon stack-based buffer overflow, CVSS 9.8), CVE-2026-41096 (Windows DNS client RCE, CVSS 9.8), and CVE-2026-42898 (Microsoft Dynamics 365 RCE), alongside newly disclosed issues such as CVE-2026-33824 (double-free in ikeext.dll, CVSS 9.8) and CVE-2026-33827 (race condition in tcpip.sys, CVSS 8.1). The update also includes non-CVE changes requiring organizations to rotate Windows Secure Boot certificates to 2023 versions by June 26, 2026, to prevent boot-level security failures. Microsoft emphasized the growing role of AI in vulnerability discovery, noting that AI-assisted approaches like MDASH are expected to scale Patch Tuesday releases in the coming months. Earlier phases confirmed 120 CVEs addressed, 17 classified as Critical, and 16 discovered via the MDASH system, with specific focus on CVE-2026-41089, CVE-2026-41096, and CVE-2026-42898 as high-impact RCE and EoP flaws.
76 Zero-Day Exploits Demonstrated at Pwn2Own Automotive 2026
Security researchers have demonstrated 76 zero-day vulnerabilities in automotive systems during Pwn2Own Automotive 2026, earning $1,047,000 in cash awards. Affected systems include in-vehicle infotainment (IVI) units, EV chargers, and automotive-grade Linux, with exploits targeting Tesla, Sony, ChargePoint, and other vendors. The competition, held in Tokyo from January 21 to 23, 2026, highlighted the persistent insecurity of IT and OT components in vehicles, particularly aftermarket IVI systems and charging infrastructure. The contest revealed that EV chargers, despite improvements, retain a large attack surface, and banned previously known unpatched vulnerabilities from infotainment systems. Vendors have 90 days to develop and release security fixes before disclosure. Team Fuzzware.io secured the top prize with $215,000, followed by Team DDOS ($100,750) and Synacktiv ($85,000). Experts at RSAC 2026 emphasized that modern vehicles are effectively 'computers on wheels,' with attack surfaces expanding alongside connectivity and autonomous driving capabilities. The automotive industry continues to grapple with securing complex systems reliant on millions of lines of code, often developed by disparate suppliers without deep cybersecurity expertise. Regulatory frameworks like UN Regulation No. 155 now mandate cybersecurity assessments and secure development practices for vehicles across 63 countries.
73 Zero-day Vulnerabilities Exploited in Pwn2Own Ireland 2025
The Pwn2Own Ireland 2025 hacking competition concluded with security researchers collecting $1,024,750 in cash awards after exploiting 73 zero-day vulnerabilities. The event, held in Cork, Ireland, targeted vulnerabilities in various devices, including smartphones, messaging apps, smart home devices, printers, and more. The Zero Day Initiative (ZDI) operates the event to identify security flaws before threat actors can exploit them. Summoning Team won the competition with 22 Master of Pwn points and $187,500 earned throughout the three-day event. Team ANHTUD secured the second position with $76,750 and 11.5 Master of Pwn points, while Team Synactiv took third place with $90,000 in prizes and 11 Master of Pwn points. The event featured eight categories, including new attack vectors for mobile devices, and offered a $1 million reward for a zero-click WhatsApp exploit. On the first day, researchers demoed 34 unique zero-days and collected $522,500 in cash awards. Team DDOS chained eight zero-day flaws to hack a QNAP Qhora-322 Ethernet wireless router and gain access to a QNAP TS-453E NAS device, earning $100,000. On the second day, researchers exploited 56 unique zero-day vulnerabilities and collected $792,750 in cash awards. Ken Gannon and Dimitrios Valsamaras hacked the Samsung Galaxy S25, earning $50,000 and 5 Master of Pwn points. On the third day, the Samsung Galaxy S25 was hacked by Interrupt Labs via an improper input validation bug, earning 5 Master of Pwn points and $50,000.
Zeroday.Cloud Hacking Competition Announced with $4.5 Million in Prizes
The Zeroday.Cloud hacking competition, announced by Wiz, offered $4.5 million in bug bounties for exploits in widely used cloud software. The event, scheduled for December 10-11 at the Black Hat Europe conference in London, covered six categories: AI, Kubernetes, containers, web servers, databases, and DevOps tools. Participants had to submit entries by December 1 and demonstrate exploits live at the event. The competition faced controversy due to alleged rule copying from Trend Micro's Pwn2Own hacking competition. Wiz partnered with AWS, Google Cloud, and Microsoft for the event. Google is also in the process of acquiring Wiz for $32 billion. Specific bounties ranged from $10,000 to $300,000. During the event, researchers were awarded $320,000 for demonstrating 11 zero-day vulnerabilities across 13 hacking sessions. Exploits were successful in Redis, PostgreSQL, Grafana, the Linux kernel, and MariaDB. A container escape flaw in the Linux kernel allowed attackers to break isolation between cloud tenants. Team Xint Code was crowned champion, receiving $90,000 for their exploits.