Pwn2Own Berlin 2026 is shaping up to be a landmark event in cybersecurity, with Day Two showcasing a significant array of zero-day vulnerabilities. These exploits, targeting key enterprise software, artificial intelligence tools, and operating systems, underscore the expansive attack surface present in today’s digital landscape.
Microsoft Exchange Vulnerability Dominates
Among the most impactful discoveries was a critical exploit on Microsoft Exchange. Orange Tsai of DEVCORE orchestrated a sophisticated attack by chaining three vulnerabilities, achieving remote code execution (RCE) with SYSTEM privileges. This formidable attack fetched $200,000 and 20 Master of Pwn points, marking it as the event’s highest-value exploit.
The implications of such an attack are severe, given Exchange servers’ central role in enterprise communications. Successful exploitation could allow attackers to commandeer an organization’s email infrastructure, facilitating espionage, malware deployment, and phishing attacks.
Operating System Exploits: Windows 11 and Linux
Operating systems were not spared from scrutiny, with Windows 11 and Linux both targeted. Siyeon Wi’s exploit of an integer overflow vulnerability in Windows 11 allowed for privilege escalation, earning them $7,500. Despite a smaller payout, vulnerabilities like this one are significant for enabling attackers to gain full control from limited access.
In parallel, Ben Koo from Team DDOS exploited a use-after-free vulnerability in Red Hat Enterprise Linux, reinforcing the persistence of memory safety issues in critical systems. These discoveries emphasize the ongoing threat posed by such vulnerabilities across various platforms.
AI Tools and Developer Platforms Under Fire
AI-assisted development tools emerged as a focal point, with multiple exploits highlighting their susceptibility. Teams targeted Cursor IDE, revealing multiple vulnerabilities, while the Summoning Team compromised OpenAI Codex using a novel exploit chain. Additionally, OtterSec researchers launched a code-injection attack on LM Studio.
These incidents highlight the growing interest in AI development tools as high-value targets due to their integral role in accessing source code and developer workflows. Despite some unsuccessful attempts against other software like Apple Safari and Microsoft SharePoint, the competition remains fierce.
With one day remaining, DEVCORE leads the contest with 40.5 points and $405,000 in winnings. As the event progresses, vendors including Microsoft and Red Hat are racing to patch exposed vulnerabilities, underscoring the importance of these discoveries as a warning for potential future threats.
