Pwn2Own Berlin 2026 ended after three intense days, with participants discovering 47 unique zero-days and earning $1,298,250 in total payouts. The contest wrapped up at OffensiveCon on Saturday with a final day that sealed DEVCORE’s dominance across every metric that matters.
Going into day three, DEVCORE held a commanding lead with 40.5 Master of Pwn points and $405,000, a gap that most competitors could not realistically close in a single day. But the final schedule still had serious targets on it, including Microsoft SharePoint, VMware ESXi, and further attempts against Windows 11, Red Hat Enterprise Linux, and OpenAI Codex. Plenty of room for the scoreboard to shift, and plenty of incentive for researchers who had been waiting for the right moment.
One of the most significant results of the day came from splitline of the DEVCORE Research Team, who chained two bugs together to successfully exploit Microsoft SharePoint, collecting $100,000 and 10 Master of Pwn points in the process. SharePoint had survived a failed attempt by Rapid7’s Stephen Fewer on day two, making this a vindication of sorts for a target that had initially looked like it might escape the competition unscathed. Two bugs, one successful chain, and another Microsoft server product joins the list of things that got compromised in Berlin this week.
That result alone was enough to make the final outcome mathematically settled. DEVCORE finished the three-day competition with 50.5 Master of Pwn points and $505,000, a performance with no precedent in recent editions of the contest. STARLabs SG came in second place with 25 points and $242,500, followed by Out Of Bounds in third with 12.75 points and $95,750.
Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG (@starlabs_sg) exploited a memory corruption bug to target VMware ESXi with the Cross-tenant Code Execution add-on, earning $200,000 and 20 Master of Pwn points.
OpenAI’s Codex coding agent, already compromised twice on day one, took another hit on the final day. Satoki Tsuji of Ikotas Labs abused an external control vulnerability to exploit the platform and demonstrate code execution, earning $20,000 and 4 Master of Pwn points. Codex was successfully exploited three separate times across the competition by three different researchers, a pattern that should prompt serious reflection inside OpenAI’s security organization. Each exploit used a different technique, meaning the attack surface is not a single narrow flaw but something broader.
Anthropic’s Claude Code, which was on the schedule as a target, was approached by Compass Security, who had already collected $40,000 for hacking OpenAI Codex on day one. Their Claude Code attempt hit a one-vulnerability collision with a previous entry, earning $20,000 and 2 Master of Pwn points rather than a full win.
A collision means part of what they found was already known from a prior submission — frustrating, but still a partial result that confirms working research was in hand.
The pattern that defined the entire competition continued on the final day. Viettel Cyber Security’s Le Tran Hai Tung, dungnm, and hieuvd used an integer overflow to escalate privileges on a fully patched Windows 11 machine in the fifth round, adding $7,500 and 3 Master of Pwn points to their tally. Windows 11 was exploited successfully multiple times across all three days by multiple independent teams, each using a different vulnerability. By the end of the competition it had become one of the most-targeted and most-compromised systems in Berlin.
Red Hat Enterprise Linux for Workstations also continued to absorb hits. Sina Kheirkhah of Summoning Team used two bugs to exploit the platform, though one was a previously known issue, landing him in partial-credit territory at $7,000 and 1.5 Master of Pwn points. Hyunwoo Kim separately chained a use-after-free and an uninitialized memory bug for a clean privilege escalation win on the same platform, earning $5,000 and 2 Master of Pwn points.
Vendors now have 90 days to release fixes before technical details become public.
Last year’s Berlin edition paid out $1,078,750. This year crossed $1.298 million, a 20 percent increase, with eight more unique vulnerabilities discovered. The growth in both numbers reflects something real: more researchers are participating, targets are diversifying well beyond traditional browsers and operating systems into AI infrastructure and developer tooling, and the economics of vulnerability research at this level continue to attract serious talent.
DEVCORE’s dominance this year was total. That is not luck. That is a research program operating at a consistently high level across an entire week of competition.

The complete list of results of Pwn2Own Berlin 2026 Day Three is available here.