PWN 2Own Berlin 2026 has come to an end, with participants earning a total of nearly $1.3 million for exploits targeting Windows, Linux, VMware, Nvidia, and AI products. According to TrendAI’s Zero Day Initiative (ZDI), white hat hackers were awarded $1,298,250 for 47 unique vulnerabilities.
Nearly $750,000 of the total was won by the first two teams, Devcore and StarLabs SG, which also shared the highest payouts for a single exploit chain: Devcore earned $200,000 for a remote code execution exploit with system privileges on Microsoft Exchange, and $175,000 for a Microsoft Edge sandbox escape, with a further $100,000 for exploiting Microsoft SharePoint; StarLabs SG won $200,000 for a VMware ESX exploit that included a cross-tenant code execution add-on.
VMware noted that Pwn2Own participants can earn up to $200,000 for ESX exploits. There were eight failed attempts, and several teams chose not to sign up after time slots were filled, with some researchers disclosing findings directly to vendors instead. 18 May 2026.