Day Two of Pwn2Own Automotive 2026 is underway, and the stakes are rising. Security researchers are back on the Pwn2Own stage, continuing to probe and challenge the latest automotive systems as the competition intensifies. New exploits, unexpected twists, and standout performances are already emerging - follow along here for daily updates as the race for Master of Pwn heats up. 

Following an action-packed opening day, we’ve already awarded more than $516,500 for 37 unique 0-day vulnerabilities. Here’s how the Master of Pwn standings look at the start of Day Two: 

Stay up to date throughout Day Two by following us on Twitter, Mastodon, LinkedIn, and Bluesky, and join the conversation using #Pwn2Own Automotive and #P2OAuto. 

SUCCESS - Inhyung Lee, Seokhun Lee, Chulhan Park, Wooseok Kim, and Yeonseok Jang of Team MAMMOTH exploited a command injection vulnerability against the Alpine iLX-F511, earning $10,000 USD and 2 Master of Pwn points.

FAILURE - Autocrypt - Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi - targeted the Grizzl‑E Smart 40A with the Charging Connector Protocol/Signal Manipulation add‑on but were unable to demonstrate the vulnerability within the allotted time.

SUCCESS - Julien COHEN‑SCALI of FuzzingLabs (@FuzzingLabs) targeted the Phoenix Contact CHARX SEC‑3150, chaining two vulnerabilities - an authentication bypass and privilege escalation - to earn $20,000 USD and 4 Master of Pwn points.

SUCCESS - Neodyme AG (@Neodyme) exploited a buffer overflow vulnerability (CWE‑120) in Round 3 to achieve privileged code execution on the Sony XAV‑9500ES, earning $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS - Hank Chen (@hank0438) of InnoEdge Labs exploited an exposed dangerous method against the Alpitronic HYC50 – Lab Mode, earning $40,000 USD and 4 Master of Pwn points.

SUCCESS / COLLISON - Nguyen Thanh Dat (@rewhiles) of Viettel Cyber Security (@vcslab) targeted the Alpine iLX-F511, hitting a one-vulnerability collision with a previous attempt and earning $2,500 USD and 1 Master of Pwn point.

SUCCESS / COLLISON - BoredPentester (@BoredPentester) targeted the Grizzl‑E Smart 40A with the Charging Connector Protocol/Signal Manipulation add‑on, combining two bugs to earn $20,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Kenwood DNR1007XR, exploiting an n‑day command injection to earn $4,000 USD and 1 Master of Pwn point.

SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) targeted the Kenwood DNR1007XR in Round 6, exploiting a command injection vulnerability to earn $5,000 USD and 2 Master of Pwn points.

SUCCESS / COLLISON - Kazuki Furukawa (@N4NU) of GMO Cybersecurity by Ierae targeted the Alpine iLX-F511, hitting a one-vulnerability collision with a previous attempt and earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

SUCCESS / COLLISON - Donggeon Kim (@gbdngb12), Hoon Nam (@pwnstar96), Jaeho Jeong (@jeongZero), Sangsoo Jeong (@sangs00Jeong), and Wonyoung Jung (@nonetype_pwn) of 78ResearchLab targeted the Kenwood DNR1007XR, exploiting one n-day vulnerability along with two collisions to earn $2,500 USD and 1 Master of Pwn point.

SUCCESS - Xilokar ([email protected]) targeted the Alpitronic HYC50 – Lab Mode, exploiting one bug to earn $20,000 USD and 4 Master of Pwn points.

SUCCESS / COLLISON - Hyeongseok Lee (@fluorite_pwn), Yunje Shin (@YunjeShin), Chaeeul Hyun (@yskm_Gunter), Ingyu Yang (@Mafty5275), Hoseok Kang (@clay419), Seungyeon Park (@vvsy46), and Wonjun Choi (@won6_choi) of BoB::Takedown targeted the Grizzl-E Smart 40A, hitting one collision and one unique 0-day, earning $15,000 USD and 3 Master of Pwn points.

SUCCESS - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the Phoenix Contact CHARX SEC-3150 in Round 5, exploiting three bugs with two add-ons to earn $50,000 USD and 7 Master of Pwn points.

SUCCESS / COLLISON - Slow Horses of Qrious Secure (@qriousec) targeted the Alpine iLX-F511, resulting in a single vulnerability collision with a previous attempt, earning $2,500 USD and 1 Master of Pwn point.