Pwn2Own Berlin 2026 has wrapped up, with security researchers collectively earning $1,298,250 in prize money after exploiting 47 previously unknown zero-day vulnerabilities across a wide range of enterprise and consumer targets. The contest — organized by Trend Micro's Zero Day Initiative (ZDI) — ran for three days and drew top vulnerability researchers from around the world.
## The Numbers
| Metric | Value |
|---|---|
| Total prizes awarded | $1,298,250 |
| Zero-day vulnerabilities exploited | 47 |
| Contest duration | 3 days |
| Location | Berlin, Germany |
The $1.29 million payout places Pwn2Own Berlin 2026 among the highest-earning contests in the event's history, reflecting both the difficulty of the targets and the skill of participating researchers.
## What Was Exploited
Pwn2Own Berlin 2026 featured categories spanning enterprise platforms, browsers, virtualization, operating systems, and — in an expansion reflecting the current threat landscape — AI and machine learning products. Confirmed targets that fell during the contest include:
- Microsoft Windows — Multiple privilege escalation and kernel-level exploits
- VMware Workstation / ESXi — Virtualization escape vulnerabilities
- Mozilla Firefox — Browser memory corruption leading to sandbox escape
- Enterprise software — Including widely deployed server-side platforms
- AI/ML products — A new category added to reflect the growing attack surface of AI tooling in enterprise environments
The inclusion of AI products as an explicit category signals ZDI's recognition that AI-integrated enterprise tools now carry significant security risk — a concern echoed by CISA and major security vendors throughout 2026.
## Master of Pwn
Each successful exploit earns the competing team points toward "Master of Pwn," the title awarded to the contest's overall champion. Teams accumulate points based on the difficulty of the exploit, the number of vulnerabilities chained, and the criticality of the target. Full results, including the Master of Pwn ranking, were still being tabulated at the time of writing.
## What Happens to the Bugs
All vulnerabilities demonstrated at Pwn2Own are disclosed to the affected vendors under the Zero Day Initiative's coordinated disclosure process. Vendors typically receive 90 days to issue patches before ZDI publishes the technical details publicly. This process has resulted in patches for hundreds of previously unknown zero-days over the contest's history.
For the 47 bugs demonstrated at Berlin 2026, affected vendors — including Microsoft, VMware, Mozilla, and others — now have active vulnerability reports on file and the clock is running on their 90-day disclosure windows.
## Why Pwn2Own Results Matter for Security Teams
Pwn2Own is not simply a hacking competition. The vulnerabilities demonstrated at the contest represent real flaws in production software that, while unknown to attackers today, will become known once vendor patches are released. Security teams should:
- Watch ZDI advisories — As vendors patch vulnerabilities demonstrated at Berlin 2026, ZDI will publish advisories. Patch immediately upon release.
- Prioritize virtualization security — VMware escapes at Pwn2Own historically translate into real-world exploitation within months, particularly by ransomware groups targeting virtualized infrastructure.
- Monitor browser patching — Firefox zero-days from Pwn2Own contests have a history of rapid weaponization; treat browser patches post-Pwn2Own as emergency updates.
- Assess AI product exposure — If your organization uses AI/ML products in enterprise environments, evaluate whether those products appeared in the Pwn2Own target list and apply patches from those vendors as a priority.
## Historical Context
Pwn2Own has been running since 2007. Berlin 2026 continues a pattern of escalating prize pools and vulnerability counts, reflecting both the maturation of the vulnerability research community and the growing complexity (and attack surface) of enterprise software stacks. The $1.29 million in prizes at Berlin surpasses several prior contests and underscores ZDI's investment in incentivizing responsible disclosure of high-impact vulnerabilities.