TrendAI™, the enterprise cybersecurity business from Trend Micro Incorporated, has recognized the efforts of the global security research community following the conclusion of Pwn2Own Berlin 2026. The event resulted in the disclosure of 47 unique zero-day vulnerabilities across categories including AI infrastructure, coding agents, enterprise applications, browsers, servers, and virtualization platforms.
The competition awarded more than $1.29 million in prizes to researchers demonstrating critical exploits and vulnerability chains targeting widely used enterprise technologies.
Pwn2Own Berlin 2026 highlighted the increasing complexity of modern cybersecurity threats as researchers targeted enterprise software, AI infrastructure, cloud environments, and developer tooling.
The event focused on responsible vulnerability disclosure through Trend Micro’s Zero Day Initiative (ZDI), allowing vendors to address critical vulnerabilities before they are actively exploited by cybercriminals.
TrendAI stated that the vulnerabilities discovered during the competition contribute directly to faster patch development and proactive customer protection through coordinated disclosure programs and virtual patching technologies.
Rachel Jin, Head of TrendAI, said: "TrendAI™ uses the deepest threat intelligence in the industry to protect our customers. We use the vulnerabilities discovered at Pwn2Own to empower vendors to patch these vulnerabilities quickly, while also offering our customers protection well ahead of the rest of the industry via virtual patching. As AI tools and infrastructure continue to become central to businesses functions, staying ahead of vulnerabilities will be as critical as ever."
NVIDIA participated as a first-time sponsor at Pwn2Own Berlin 2026, introducing a dedicated category focused on AI-related infrastructure and container technologies.
Researchers were invited to target:
The inclusion of AI infrastructure reflects the growing importance of securing AI environments as organizations increasingly integrate generative AI systems, model pipelines, and AI-driven applications into enterprise operations.
Several high-profile vulnerability demonstrations drew attention during the event.
Orange Tsai (@orange_8361) from DEVCORE Research Team chained three vulnerabilities to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning $200,000.
The researcher also chained four logic bugs to achieve a sandbox escape on Microsoft Edge, securing an additional $175,000 reward.
Splitline (@splitline) from DEVCORE Research Team chained two vulnerabilities to exploit Microsoft SharePoint, earning $100,000.
Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG used a memory corruption vulnerability to exploit VMware ESXi with the Cross-tenant Code Execution add-on. The demonstration earned $200,000 and 20 Master of Pwn points.
Chompie of IBM X-Force Offensive Research successfully exploited NVIDIA’s NV Container Toolkit using a single vulnerability, earning $50,000.
TrendAI emphasized the role of coordinated disclosure in helping vendors identify and remediate vulnerabilities before widespread exploitation occurs.
According to TrendAI’s Zero Day Initiative research, software vendors are increasingly delaying patch deployment timelines, increasing enterprise exposure to emerging threats.
The company stated that TrendAI Vision One™ customers receive protection an average of three months ahead of the broader industry through virtual patching and advanced threat intelligence capabilities.
The event further underscored how AI systems, cloud environments, virtualization platforms, and enterprise collaboration technologies continue to expand the modern attack surface.
A total of $1,298,250 in rewards were distributed during Pwn2Own Berlin 2026. TrendAI confirmed that the next competition, Pwn2Own Cork, is scheduled to take place in October.
As cybersecurity threats continue evolving alongside AI adoption and enterprise digital transformation, vulnerability research programs like Pwn2Own remain central to identifying and mitigating emerging security risks before they can be weaponized at scale.
TrendAI™, the global AI security leader and enterprise business unit of Trend Micro, empowers organizations with full AI visibility and consolidated security that inspires confidence, drives innovation, and eliminates risk. Trusted by the largest enterprises and governments across 185 countries, TrendAI™ secures the entire organization, from identities to infrastructure to data. Global Fortune 500 companies rely on TrendAI™ to cut risk and stop threats up to three months earlier, powered by world-leading threat and attack intelligence. Through deep ecosystem partnerships with market leaders like NVIDIA, Anthropic, AWS, Google, and Microsoft, TrendAI™ empowers your organization to securely drive forward at the speed of AI. AI Fearlessly.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.