Zero Day Initiative | Blog
Follow
Pwn2Own Berlin 2026 - Day One Results
Pwn2Own Berlin 2026 kicked off with security researchers targeting AI databases, coding agents, local inferences, and NVIDIA products. Several teams successfully exploited vulnerabilities, demonstrating impressive hacking skills. Orange Tsai of DEVCORE earned $175,000 for a Microsoft Edge sandbox escape. chompie of IBM X-Force exploited NV Container Toolkit, while k3vg3n took down LiteLLM. Satoki Tsuji used an allowed list bug on NVIDIA Megatron Bridge. Compass Security successfully exploited OpenAI Codex. Angelboy and TwinkleStar03 of DEVCORE also achieved privilege escalation on Windows 11. Ben Koo withdrew from the Mozilla Firefox category. Ikotas Labs successfully targeted LiteLLM using known bugs. Yoseop Kim exploited NVIDIA Megatron Bridge with a CWE-470 bug.