Pwn2Own Berlin 2026 Day One: Windows 11, Edge, and AI Platforms Fall to 24 Zero‑Day Exploits

Pwn2Own Berlin 2026 opened with a surge of successful exploits against major enterprise software. On the first day alone, security researchers demonstrated 24 previously unknown vulnerabilities (zero‑days) across platforms including Windows 11, Microsoft Edge, Linux systems, and AI software, collecting $523,000 in prize money.

Microsoft technologies were among the most visible targets, with both Windows 11 and the Edge browser successfully compromised multiple times.

The biggest exploit: Microsoft Edge sandbox escape

The most valuable demonstration of the day came from Cheng‑Da Tsai (Orange Tsai) of the DEVCORE Research Team. Tsai chained four logic vulnerabilities to break out of the Microsoft Edge browser sandbox, achieving a full sandbox escape.

The exploit earned $175,000 and 17.5 Master of Pwn points, making it the single largest payout on day one and putting DEVCORE near the top of the competition leaderboard.

Sandbox escapes are especially valuable because modern browsers isolate web content from the rest of the system. Escaping that boundary allows attackers to move from a compromised webpage into the underlying operating system.

Windows 11 compromised three separate times

Microsoft’s flagship operating system was also successfully attacked three times on day one, each through a previously unknown privilege‑escalation vulnerability.

The successful demonstrations included:

• Angelboy and TwinkleStar03 (DEVCORE Internship Program) — Windows 11 privilege escalation, $30,000 reward.
• Marcin Wiązowski — Windows 11 privilege escalation, $30,000 reward.
• Kentaro Kawane (GMO Cybersecurity) — Windows 11 privilege escalation, $30,000 reward.

Privilege‑escalation exploits allow attackers who already have limited access to a system to gain higher privileges such as administrator or SYSTEM‑level control.

Overall results from day one

Across the competition’s first day:

• 24 unique zero‑day vulnerabilities were demonstrated.
• 22 exploit attempts targeted widely used software platforms.
• Researchers earned $523,000 in total rewards.

Targets included operating systems, browsers, AI tools, developer platforms, and infrastructure software—illustrating the expanding attack surface of modern enterprise technology.

At the same time: a real‑world Exchange Server zero‑day

While researchers were revealing vulnerabilities in a controlled environment, Microsoft simultaneously disclosed a separate zero‑day vulnerability actively exploited in the wild.

The flaw, CVE‑2026‑42897, affects on‑premises Microsoft Exchange Server deployments. It is caused by improper neutralization of input during web page generation, a form of cross‑site scripting (XSS) vulnerability.

Key details about the vulnerability include:

• It impacts Exchange Server 2016, 2019, and Subscription Edition.
• Attackers can exploit it remotely through crafted content that executes in Outlook on the web sessions.
• Microsoft confirmed the vulnerability is actively exploited in attacks.

Although some reports discussed Exchange exploitation during the same timeframe as Pwn2Own, there is no confirmed evidence that CVE‑2026‑42897 was one of the vulnerabilities demonstrated during the competition.

What happens after a Pwn2Own exploit

Pwn2Own demonstrations follow a coordinated disclosure process run by Trend Micro’s Zero Day Initiative (ZDI).

After a successful exploit:

1. The vulnerability details are privately disclosed to the affected vendor.
2. The vendor typically receives about 90 days to develop and release a patch.
3. Technical details are only made public after fixes are available.

This process allows security researchers to demonstrate real‑world attack techniques while giving vendors time to protect users before exploit code becomes public.

Why the results matter

The opening day of Pwn2Own Berlin 2026 highlights two parallel realities in cybersecurity:

• Even mature platforms like Windows 11 and Microsoft Edge still contain exploitable bugs that skilled researchers can chain into powerful attacks.
• At the same time, real attackers continue exploiting zero‑day vulnerabilities in production systems, such as the Exchange Server flaw disclosed during the event.

Competitions like Pwn2Own aim to shift those discoveries into a controlled environment—turning offensive research into patches before criminals can weaponize the same flaws.