Willkommen! (Welcome!) Pwn2Own Berlin 2026 has arrived at OffensiveCon, and the world’s top security researchers are ready. This year’s enterprise-focused competition features AI Databases, Coding Agents, Local Inferences, and a separate category for NVIDIA products.
Earlier today, we held the random draw to determine attempt order. Below is the official schedule. All times are Berlin local time (CET) and may change as the competition progresses. Check back for live updates.
In case you missed it, you can watch the draw here.
DAY ONE
Thursday, May 14 – 1030
chompie of IBM X-Force Offensive Research (XOR) targeting NV Container Toolkit in the NVIDIA category for a total of $50,000 and 5 Master of Pwn points
Le Duc Anh Vu ( @vulda ) of Viettel Cyber Security (@vcslab) targeting OpenAI Codex in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Orange Tsai (@orange_8361) of DEVCORE Research Team targeting Microsoft Edge – Sandbox Escape in the Web Browser category for a total of $175,000 and 17.5 Master of Pwn points
Thursday, May 14 – 1130
k3vg3n targeting LiteLLM in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Satoki Tsuji (@satoki00) / Ikotas Labs, Inc. targeting Megatron Bridge in the NVIDIA category for a total of $20,000 and 2 Master of Pwn points
Thursday, May 14 – 1300
Angelboy (@scwuaptx) of DEVCORE Research Team and TwinkleStar03 (@_twinklestar03), working with DEVCORE Internship Program targeting Microsoft Windows 11 in the Local Escalation of Privilege category for a total of $30,000 and 3 Master of Pwn points
Emanuele Barbeno, Cyrill Bannwart, Yves Bieri, Lukasz D., Urs Mueller of Compass Security (@compasssecurity) targeting OpenAI Codex in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Park Jae Min (@hiariz) targeting Oracle Autonomous AI Database in the AI Database category for a total of $40,000 and 4 Master of Pwn points
Thursday, May 14 – 1400
Satoki Tsuji (@satoki00) / Ikotas Labs, Inc. targeting LiteLLM in the Local Inference category for a total of $40,000 and 4 Master of Pwn points.
Yoseop kim(@pwning_me) targeting Megatron Bridge in the NVIDIA category for a total of $20,000 and 2 Master of Pwn points
Thursday, May 14 – 1500
Ben Koo (@kiddo_pwn) of Team DDOS targeting Mozilla Firefox – Renderer Only in the Web Browser category for a total of $50,000 and 5 Master of Pwn points
Interrupt Labs targeting NV Container Toolkit in the NVIDIA category for a total of $50,000 and 5 Master of Pwn points
Thursday, May 14 – 1530
maitai (@MaitaiThe) of Doyensec (@Doyensec) targeting OpenAI Codex in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Thursday, May 14 – 1600
Billy (@st424204), Pan Zhenpeng(@Peterpan980927), Weiming Shi (@bestswngs) of STARLabs SG (@starlabs_sg) targeting LM Studio in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Marcin Wiązowski targeting Microsoft Windows 11 in the Local Escalation of Privilege category for a total of $30,000 and 3 Master of Pwn points
Thursday, May 14 – 1630
haehae (@haehaeYang) of Out Of Bounds targeting Chroma in the AI Database category for a total of $20,000 and 2 Master of Pwn points
Thursday, May 14 – 1730
chompie of IBM X-Force Offensive Research (XOR) targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Yoseop Kim(@pwning_me) targeting Mozilla Firefox – Renderer Only in the Web Browser category for a total of $50,000 and 5 Master of Pwn points
Thursday, May 14 – 1800
@rewhiles of Viettel Cyber Security (@vcslab) targeting Anthropic Claude Code in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Thursday, May 14 – 1830
Kentaro Kawane of GMO Cybersecurity by Ierae targeting Microsoft Windows 11 in the Local Escalation of Privilege category for a total of $30,000 and 3 Master of Pwn points
Qrious Secure (@qriousec) targeting LM Studio in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Thursday, May 14 – 1900
haehae (@haehaeYang) of Out of Bounds targeting Megatron Bridge in the NVIDIA category for a total of $20,000 and 2 Master of Pwn points
DAY TWO
Friday, May 15 – 1030
Ben Koo (@kiddo_pwn) of Team DDOS targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Stephen Fewer (Rapid7) targeting Microsoft SharePoint in the Server category for a total of $100,000 and 10 Master of Pwn points
Tao Yan (@Ga1ois) and Edouard Bochin (@le_douds) from Palo Alto Networks targeting Apple Safari – Renderer Only in the Web Browser category for a total of $75,000 and 7.5 Master of Pwn points
Friday, May 15 – 1130
Le Duc Anh Vu ( @vulda ) of Viettel Cyber Security (@vcslab) targeting Cursor in the Coding Agent category for a total of $30,000 and 3 Master of Pwn points
Nikolaos Mourousias (@deltaclock), Caue Obici (@caueobici) and Bruno Halltari (@BrunoModificato) of OtterSec targeting LM Studio in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam). targeting Anthropic Claude Code in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Friday, May 15 – 1300
Ruitong from the Abstract Team at the University of Colorado Boulder targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Friday, May 15 – 1330
Kiyong Kwak of Kakaogames and Song Nuri of Samsung Electronics targeting Apple Safari – Renderer Only in the Web Browser category for a total of $75,000 and 7.5 Master of Pwn points
Orange Tsai (@orange_8361) of DEVCORE Research Team targeting Microsoft Exchange in the Server category for a total of $200,000 and 20 Master of Pwn points
Friday, May 15 – 1400
Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam). targeting OpenAI Codex in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Friday, May 15 – 1430
Billy (@st424204), Bruce Chen(@bruce30262), Pan Zhenpeng(@Peterpan980927), Weiming Shi (@bestswngs ) of STARLabs SG (@starlabs_sg) targeting Megatron Bridge in the NVIDIA category for a total of $20,000 and 2 Master of Pwn points
David Tae, Louis Hur of Out Of Bounds targeting Ollama in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Friday, May 15 – 1530
Team: Alon Ben Tsur (@iamgweej), Yahav Azran (@_yahav) targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Friday, May 15 – 1600
@rewhiles of Viettel Cyber Security (@vcslab) targeting Mozilla Firefox – Renderer Only in the Web Browser category for a total of $50,000 and 5 Master of Pwn points
Siyeon Wi targeting Microsoft Windows 11 in the Local Escalation of Privilege category for a total of $30,000 and 3 Master of Pwn points
Friday, May 15 – 1630
Byung Young Yi (@yibarrack) of Out Of Bounds targeting LiteLLM in the Local Inference category for a total of $40,000 and 4 Master of Pwn points
Friday, May 15 – 1700
Emanuele Barbeno, Cyrill Bannwart, Yves Bieri, Lukasz D., Urs Mueller of Compass Security (@compasssecurity) targeting Cursor in the Coding Agent category for a total of $30,000 and 3 Master of Pwn points
Friday, May 15 – 1800
Daniel Cohen Hillel (@0xDACA) targeting NV Container Toolkit in the NVIDIA category for a total of $50,000 and 5 Master of Pwn points
DAY THREE
Saturday, May 16 – 1100
Le Tran Hai Tung (@tacbliw), dungnm (@dungnm_) and hieuvd (@gr4ss341) of Viettel Cyber Security (@vcslab) targeting Microsoft Windows 11 in the Local Escalation of Privilege category for a total of $30,000 and 3 Master of Pwn points
Satoki Tsuji (@satoki00) / Ikotas Labs, Inc. targeting OpenAI Codex in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam). targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Saturday, May 16 – 1330
Emanuele Barbeno, Cyrill Bannwart, Yves Bieri, Lukasz D., Urs Mueller of Compass Security (@compasssecurity) targeting Anthropic Claude Code in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Hyunwoo Kim (@v4bel) targeting Red Hat Enterprise Linux for Workstations in the Local Escalation of Privilege category for a total of $20,000 and 2 Master of Pwn points
Team: Giuseppe Calì (@_gcali) of Summoning Team targeting VMware ESXi in the Virtualization category with the Cross-tenant Code Execution Addon add-on for a total of $200,000 and 20 Master of Pwn points
Saturday, May 16 – 1430
splitline (@_splitline_) of DEVCORE Research Team targeting Microsoft SharePoint in the Server category for a total of $100,000 and 10 Master of Pwn points
Saturday, May 16 – 1600
Byung Young Yi (@yibarrack) of Out Of Bounds targeting Anthropic Claude Code in the Coding Agent category for a total of $40,000 and 4 Master of Pwn points
Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG (@starlabs_sg) targeting VMware ESXi in the Virtualization category with the Cross-tenant Code Execution Addon add-on for a total of $200,000 and 20 Master of Pwn points
Follow the action live! We’ll be posting real-time updates and results throughout the competition on our blog and across social media. Stay up to date by following us on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2Own Berlin and #P2OBerlin for continuous coverage.
–
Read More – Zero Day Initiative – Blog
