Pwn2Own Berlin 2026 multi-product zero-days privilege-escalation flaw
Vulnerability
Summary
Pwn2Own Berlin 2026 opened with 24 unique zero-days demonstrated against fully patched products, creating immediate exposure across browser, OS, virtualization, enterprise, and AI-target classes. The first day generated $523,000 in awards, with Microsoft Edge and Windows 11 among the most visible targets. Orange Tsai chained 4 logic bugs for an Edge sandbox escape, and Windows 11 was hit with three privilege-escalation zero-days. Vendors now have 90 days to release fixes after disclosure.
Related Happenings
OpenAI hit by cyberattack
Incident
First: 14.05.2026 22:07
Last: 14.05.2026 22:07
Sources 1
About this happening:
OpenAI confirmed **two employees' devices** were breached, giving attackers access to a limited set of internal source code repositories and forcing a precautionary rotation of **...
CISA adds ScreenConnect and Windows flaws to KEV
Public Sector Action
First: 29.04.2026 11:46
Last: 29.04.2026 11:46
Sources 1
About this happening:
CISA added **CVE-2024-1708** and **CVE-2026-32202** to the **KEV catalog**, elevating the flaws to a **federal remediation priority** because they are being **actively exploited**...
Microsoft Edge regression disrupts Teams meeting joins
Service Disruption
First: 23.04.2026 16:18
Last: 23.04.2026 16:18
Sources 1
About this happening:
A **Microsoft Edge** regression is preventing some **Windows** users from joining **Microsoft Teams** meetings, causing a limited-scope access disruption for scheduled and link-ba...
CISA KEV order for BlueHammer patching
Public Sector Action
First: 23.04.2026 14:05
Last: 23.04.2026 14:05
Sources 1
About this happening:
**CISA** ordered **Federal Civilian Executive Branch agencies** to patch **Windows** systems against **CVE-2026-33825** within **two weeks** after adding the flaw to the **KEV Cat...
Windows zero-day exploitation wave
Exploitation Wave
First: 17.04.2026 09:14
Last: 17.04.2026 09:14
Sources 1
About this happening:
**BlueHammer**, **RedSun**, and **UnDefend** are being exploited in the wild against **Windows** devices, creating active risk of **SYSTEM** or elevated administrator compromise....
Latest development: 23.04.2026 14:05
CISA added BlueHammer, tracked as CVE-2026-33825, to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch Microsoft Defender on Windows systems within two weeks, until May 7. The federal directive targets ongoing zero-day abuse of the flaw on U.S. government systems.
Timeline
- 14.05.2026 21:53 · 1 article · 13d ago
  Pwn2Own Berlin 2026 day 1 awards
  Initial Disclosure: On 2026-05-14, the first day of Pwn2Own Berlin 2026, researchers collected $523,000 in cash awards after demonstrating 24 unique zero-days against fully patched targets across browser, virtualization, local privilege escalation, server, enterprise application, cloud-native/container, local inference, and LLM categories.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- 14.05.2026 21:53 · 1 article · 13d ago
  Microsoft Edge sandbox escape by Orange Tsai
  Exploitation Observed: At Pwn2Own Berlin 2026, Orange Tsai chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge and earned $175,000 in rewards.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- 14.05.2026 21:53 · 1 article · 13d ago
  Windows 11 privilege-escalation zero-days
  Victim Impact Update: At Pwn2Own Berlin 2026, Angelboy and TwinkleStar03 working with the DEVCORE Internship Program, Marcin Wiązowski, and Kentaro Kawane of GMO Cybersecurity each hacked Windows 11 and earned $30,000 for demonstrating new privilege-escalation zero-days.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- 14.05.2026 21:53 · 1 article · 13d ago
  Red Hat Linux for Workstations and NVIDIA Container Toolkit zero-days
  Victim Impact Update: At Pwn2Own Berlin 2026, Valentina Palmiotti (chompie) of IBM X-Force Offensive Research (XOR) rooted Red Hat Linux for Workstations for $20,000 and disclosed a zero-day in the NVIDIA Container Toolkit for another $50,000.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
- 14.05.2026 21:53 · 2 articles · 13d ago
  Additional zero-days across LiteLLM, NVIDIA Megatron Bridge, Codex, Chroma, and LM Studio
  Campaign Scope Update: At Pwn2Own Berlin 2026, additional successful attempts covered LiteLLM, NVIDIA Megatron Bridge, OpenAI's Codex coding agent, Chroma, and LM Studio, broadening the day's exploitation scope across local inference, cloud-native/container, and LLM targets.
  Sources:
  - Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 — www.bleepingcomputer.com — 14.05.2026 21:53
  - Security Researchers Find 47 Zero-Days at Pwn2Own Berlin — www.infosecurity-magazine.com — 18.05.2026 12:45