Pwn2Own Berlin 2026 has wrapped, and this year's event gave the security world a lot to pay attention to.
Over three days, security researchers demonstrated 47 unique zero-day vulnerabilities across major enterprise platforms, operating systems, virtualization software, AI tooling, and cloud-native technologies. Total payouts reached $1,298,250, with DEVCORE taking the title of Master of Pwn after earning 50.5 points and $505,000 in rewards.
That headline sounds dramatic, and in some ways it is. But it is important to understand what Pwn2Own is, what these demonstrations actually mean, and why this does not mean 47 public exploits were suddenly released into the wild.
What is Pwn2Own?
Pwn2Own is one of the best-known hacking competitions in the cybersecurity world. It is run by the Zero Day Initiative, often shortened to ZDI, and brings together skilled security researchers to demonstrate previously unknown vulnerabilities in real products.
The name comes from the idea of "pwn to own." In the early days, researchers could win the device they successfully hacked. Over time, the contest has grown into a major vulnerability research event, with cash prizes, strict rules, vendor coordination, and a strong focus on responsible disclosure.
Pwn2Own is not a free-for-all hacking event. Researchers do not simply publish exploit code online. Instead, they demonstrate their work under controlled conditions. If the exploit is valid, the details are handed over through ZDI's disclosure process so the affected vendors can investigate and prepare fixes.
That is one of the reasons the event matters. It gives defenders a rare preview of where real weaknesses exist, before those details become widely known.
What made Berlin 2026 different?
Pwn2Own Berlin 2026 was held at OffensiveCon and focused heavily on enterprise technology. This year's schedule included traditional high-value targets like Microsoft Exchange, SharePoint, Windows 11, browsers, Linux, and VMware ESXi. It also included newer categories involving AI tools, coding agents, local inference systems, NVIDIA products, and cloud-native/container technologies.
That mix says a lot about where security is heading.
A few years ago, most people would expect a hacking contest to focus on browsers, phones, operating systems, or consumer devices. Those still matter, but enterprise environments now depend on a much wider stack. AI coding assistants, local model runtimes, containers, virtualization platforms, identity systems, and collaboration tools are all becoming part of the attack surface.
Pwn2Own Berlin 2026 reflected that reality.
What happened during the event?
The contest ran across three days.
On Day 1, researchers demonstrated 24 unique zero-days, earning $523,000 in rewards. DEVCORE was already leading the Master of Pwn race by the end of the first day.
On Day 2, competitors added 15 more unique zero-days and earned another $385,750. Targets that day included major enterprise systems such as Microsoft Exchange, Windows 11, and Red Hat Enterprise Linux for Workstations. By the end of the second day, the event total had reached 39 unique zero-days and $908,750 in awards.
On Day 3, the final total reached 47 unique zero-days and $1,298,250 in payouts. DEVCORE finished first overall and was named Master of Pwn.
The affected target areas included:
| Category | Examples from the event |
|---|---|
| Enterprise collaboration | Microsoft Exchange, Microsoft SharePoint |
| Operating systems | Windows 11, Red Hat Enterprise Linux |
| Browsers | Microsoft Edge, Apple Safari |
| Virtualization | VMware ESXi |
| AI and developer tools | AI coding agents, local inference tools, AI-related platforms |
| Cloud-native and containers | Container and infrastructure-focused targets |
| Hardware/software platforms | NVIDIA-related categories |
The big takeaway is not just the number of bugs. It is the range of products. The event showed how broad the modern enterprise attack surface has become.
Are these zero-days being actively exploited?
Based on the public reporting around the event, these should not be treated as public exploit releases.
A zero-day in this context means the researchers demonstrated a previously unknown vulnerability during the competition. It does not automatically mean attackers are using it in the wild, and it does not mean exploit code has been published for everyone to copy.
That said, organizations should still pay attention.
These findings are now in the coordinated disclosure pipeline. Vendors will review the reports, reproduce the issues, develop patches, and eventually release fixes or advisories. ZDI's public disclosure policy refers to a 120-day disclosure timeline, with extensions granted only in rare cases.
The practical message is simple: this is not a panic moment, but it is absolutely a patch-watch moment.
Why defenders should care
For security teams, Pwn2Own is useful because it highlights where serious research attention is going.
The presence of Microsoft Exchange and SharePoint is not surprising. These products sit deep inside many organizations and are attractive targets because they often handle sensitive communication, documents, authentication flows, and internal business data.
Windows 11, Edge, Safari, and Linux targets show that endpoint and operating system security still matter. Even mature platforms continue to produce exploitable bugs when talented researchers look closely enough.
VMware ESXi is especially important because virtualization infrastructure often supports large parts of an organization's environment. A serious vulnerability in a hypervisor or management layer can have a much bigger impact than a bug in a single workstation.
The AI categories are also worth watching. AI coding agents and local inference tools are moving quickly from experiments into real business workflows. As these tools gain access to source code, credentials, internal documents, terminals, and developer environments, their security becomes much more important.
In other words, Pwn2Own Berlin 2026 was not just a hacking contest. It was a map of where modern security risk is expanding.
What organizations should do now
The best response is not panic. It is preparation.
Organizations should identify whether they use the affected product families, especially Microsoft Exchange, SharePoint, Windows 11, Red Hat Enterprise Linux, VMware ESXi, Edge, Safari, AI coding tools, local inference tools, NVIDIA-related software, and container platforms.
Security teams should watch vendor advisories over the coming weeks and months. Since the technical details are not immediately public, the most useful action is to stay ready for patches when vendors release them.
It is also a good time to review basic exposure. Internet-facing Exchange or SharePoint servers should be inventoried carefully. Virtualization platforms should be monitored and access to management interfaces should be tightly limited. AI development tools should be reviewed for permissions, integrations, and access to sensitive repositories or secrets.
The less glamorous work still matters most: patch quickly, reduce exposed services, segment critical systems, monitor logs, and make sure backups and recovery plans are actually usable.
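The inventory-and-exposure review described above can be started with a small amount of scripting. The following is an added example written for this post, not code from ZDI or any vendor. It assumes an asset export in CSV form with `host`, `product`, `version`, `internet_facing` and `role` columns (the sample rows are constructed), matches products against the product families named in this post by case-insensitive substring, and ranks the hits so that internet-facing collaboration servers and hypervisor management hosts come first. The column names, the matching rule and the priority scheme are all assumptions to adapt to your own CMDB.

```python
"""Patch-watch triage against the Pwn2Own Berlin 2026 product families.

Added example, not part of the original post. The CSV layout, the
substring matching and the priority tiers are assumptions.
"""
import csv
import io
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Product families named in the post, mapped to the post's own categories.
# Matching is by lower-cased substring, so "Microsoft Exchange Server" hits
# the "microsoft exchange" entry (an assumption about how names are recorded).
WATCHLIST = {
    "microsoft exchange": "enterprise collaboration",
    "microsoft sharepoint": "enterprise collaboration",
    "windows 11": "operating system",
    "red hat enterprise linux": "operating system",
    "vmware esxi": "virtualization",
    "microsoft edge": "browser",
    "safari": "browser",
    "nvidia": "hardware/software platform",
}

# Constructed sample inventory standing in for a CMDB export.
SAMPLE_INVENTORY = """\
host,product,version,internet_facing,role
mail01,Microsoft Exchange Server,2019 CU14,yes,mailbox
intra01,Microsoft SharePoint Server,Subscription Edition,no,intranet
esx-mgmt,VMware ESXi,8.0 U3,yes,hypervisor management
dev-laptop-7,Windows 11,23H2,no,workstation
ci-runner-2,Red Hat Enterprise Linux,9.4,no,build
db01,PostgreSQL,16,no,database
"""


@dataclass
class Finding:
    host: str
    product: str
    category: str
    exposure: str   # "internet-facing" or "internal"
    priority: int   # 1 = act first


def match_family(product: str) -> Optional[Tuple[str, str]]:
    """Return (watchlist family, category) for a product string, or None."""
    name = product.lower()
    for family, category in WATCHLIST.items():
        if family in name:
            return family, category
    return None


def priority_for(category: str, internet_facing: bool) -> int:
    # Tier 1: exposed collaboration servers and hypervisor hosts (the post's
    # highest-impact cases). Tier 2: anything else reachable from the internet.
    # Tier 3: internal hosts that still run a watched product family.
    if internet_facing and category in ("enterprise collaboration", "virtualization"):
        return 1
    if internet_facing:
        return 2
    return 3


def triage(inventory_csv: str) -> List[Finding]:
    """Filter an inventory CSV down to watched products, ranked by priority."""
    findings: List[Finding] = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        hit = match_family(row["product"])
        if hit is None:
            continue  # not a product family from the event; nothing to watch
        _family, category = hit
        exposed = row["internet_facing"].strip().lower() in ("yes", "true", "1")
        findings.append(Finding(
            host=row["host"],
            product=row["product"],
            category=category,
            exposure="internet-facing" if exposed else "internal",
            priority=priority_for(category, exposed),
        ))
    findings.sort(key=lambda f: (f.priority, f.host))
    return findings


def report(findings: List[Finding]) -> str:
    """Render the ranked findings as a plain-text patch-watch list."""
    lines = ["prio  exposure         category                   host / product"]
    for f in findings:
        lines.append(f"{f.priority:<5} {f.exposure:<16} {f.category:<26} {f.host} / {f.product}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(triage(SAMPLE_INVENTORY)))
```

Run it as-is to see the constructed inventory ranked; point `triage` at your own export to get a starting list for the advisory watch. The database host drops out because it is not in a watched family, and the two internet-facing hosts (the Exchange server and the ESXi management host) land in tier 1 ahead of the internal workstation, build host and SharePoint server.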
The bigger lesson
Pwn2Own Berlin 2026 showed that even heavily tested, widely used technologies still contain unknown vulnerabilities. That is not a failure of one vendor or one product. It is the reality of complex software.
The event also showed that security research is expanding into newer areas. AI tools, coding agents, local model systems, and cloud-native infrastructure are no longer side topics. They are becoming mainstream security targets.
The right way to read the 47-zero-day headline is not "everything is broken." A better reading is this: the attack surface is changing, researchers are finding real weaknesses, and defenders need to keep up.
Pwn2Own works because it brings those weaknesses into a structured process. Researchers get rewarded, vendors get the details, and users eventually get patches. That process is not perfect, but it is far better than these bugs being found quietly by attackers first.
For now, Pwn2Own Berlin 2026 should go on every security team's radar as a patch-watch event. The real work starts after the headlines fade.
