Microsoft Edge, Windows 11 and LiteLLM Hacked in Pwn2Own Berlin 2026

HomeCyber Security News Microsoft Edge, Windows 11 and LiteLLM Hacked in Pwn2Own Berlin 2026 By Abinaya May 15, 2026 Pwn2Own Berlin 2026 opened with a surge of zero-day exploits targeting modern browsers, operating systems, and emerging AI platforms. On Day One alone, security researchers successfully hacked Microsoft Edge, Windows 11, and LiteLLM, earning a total of $523,000 for 24 unique vulnerabilities. The results highlight a growing reality that AI ecosystems and core enterprise technologies are increasingly exposed to complex, chained attacks. Edge Sandbox Escape One of the most impactful demonstrations came from Orange Tsai of the DEVCORE Research Team, who executed a sophisticated sandbox escape against Microsoft Edge. The exploit chained four distinct logic vulnerabilities, turning minor flaws into a full system compromise. Microsoft Edge Exploited (Source: Zero Day Initiative) This advanced technique earned $175,000 and 17.5 Master of Pwn points, placing DEVCORE in the lead. The attack underscores how modern browser security can still be bypassed when multiple weaknesses are combined strategically. Windows 11 Privilege Escalations Microsoft Windows 11 emerged as another major target, with several successful privilege escalation attacks throughout the day. Windows 11 Exploited (Source: Zero Day Initiative) Additional researchers later demonstrated attacks using heap-based buffer overflows and use-after-free vulnerabilities. Angelboy and TwinkleStar03 of DEVCORE exploited an improper access control flaw to gain elevated privileges. Another Windows 11 Exploited (Source: Zero Day Initiative) These repeated compromises show that even mature operating systems remain vulnerable to memory corruption and access control issues. LiteLLM Exploited AI infrastructure faced serious scrutiny, with LiteLLM falling to a full-chain exploit by researcher k3vg3n. The attack combined three vulnerabilities, including Server-Side Request Forgery (SSRF) and code injection, allowing full system takeover. LiteLLM Exploited (Source: Zero Day Initiative) The exploit earned $40,000 and highlighted how AI frameworks, especially those handling external inputs and APIs, can introduce critical security gaps if not properly hardened. AI and Developer Tools Under Pressure Other AI-focused targets also experienced successful compromises. OpenAI Codex was exploited using a CWE-150 flaw by Compass Security researchers. NVIDIA’s Megatron Bridge was breached multiple times due to overly permissive allow lists and path-traversal vulnerabilities. NVIDIA Exploited (Source: Zero Day Initiative) Meanwhile, IBM X-Force researchers successfully exploited a single bug in the NV Container Toolkit. These findings reinforce concerns that AI and developer tooling ecosystems are still maturing in terms of secure design and threat resilience. Not every attempt succeeded. Several researchers failed to exploit targets such as OpenAI Codex and Oracle Autonomous AI Database within the time limit. Additionally, multiple “collision” cases were recorded, where working exploits relied on previously known vulnerabilities. Linux Exploited (Source: Zero Day Initiative) While still rewarded, these cases highlight a persistent issue: organizations failing to promptly patch known security flaws. According to Zero Day Initiative, Day One results from Pwn2Own Berlin 2026 reveal a major shift in the threat landscape. Attackers are no longer focused solely on traditional software but are actively targeting AI platforms, inference engines, and developer tools. With DEVCORE leading the competition and more high-value targets ahead, the event is expected to uncover even deeper vulnerabilities in the coming days, offering a stark warning to vendors and enterprises alike. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Crimenetwork Takedown Exposes 22,000 Users and Over 100 Illegal Sellers Google Warns of Hackers Using AI to Create Working Zero-Day Exploit Microsoft Warns of Attackers Using Trusted HPE Operations Agent for Malware-Free Intrusions Hackers Abuse Scheduled Tasks to Maintain Persistence in FrostyNeighbor Attacks 10 Best Full Disk Encryption Tools in 2026 Latest News Cyber Security News Microsoft Warns of Attackers Using Trusted HPE Operations Agent for Malware-Free Intrusions Cyber Security News Tycoon 2FA Operators Adopt OAuth Device Code Phishing to Bypass MFA Cyber Security News PraisonAI Vulnerability Exploited Within Hours of Public Disclosure Cyber Security News Amazon Redshift JDBC Driver Vulnerabilities Enables Remote Code Execution Attacks Cyber Security News Multiple cPanel Vulnerabilities Allows Access to Sensitive System Resources