Pwn2Own Automotive 2026 Gears Up: Rules, Targets, and What’s New

October 21, 2025
VicOne

Building on the momentum of its second edition, which uncovered 49 zero-day vulnerabilities, Pwn2Own Automotive, the automotive-focused version of the well-known Pwn2Own series of ethical hacking contests, is gearing up for its third run. Pwn2Own Automotive 2026 is officially confirmed and will take place at the Automotive World conference in Tokyo, Japan, from January 21 to 23, with Alpitronic joining Tesla as a title sponsor. 


Rules and regulations 

As with the 2025 and 2024 editions, VicOne will once again team up with Trend Micro’s Zero Day Initiative (ZDI), the world’s largest vendor-agnostic bug bounty program, to co-host Pwn2Own Automotive 2026. Over US$1 million in cash and prizes will be at stake for participants of the 2026 edition, along with the prestigious Master of Pwn title. 

Just like the other Pwn2Own contests, Pwn2Own Automotive also awards the Master of Pwn title to the overall winner, that is, the participant who earns the most points by the end of the contest. Points are awarded for each successful exploit, with the first valid attempt in every category taking home the corresponding cash reward. Since the order of attempts is determined via a random draw, participants with later slots can still claim the top title, though they might earn a smaller payout. Penalties apply for withdrawing from registered attempts, and points are deducted if contestants remove add-on bonuses during their attempts.

The complete set of rules for Pwn2Own Automotive 2026 can be found here. Note that these rules may be changed at any time without prior notice. Participants are also encouraged to read the ZDI’s guide to Pwn2Own, which details the expectations in participating in a Pwn2Own event. 

To begin the registration process for Pwn2Own Automotive 2026, contact the ZDI at pwn2own@trendmicro.com. Registration closes on Jan. 15, 2026, at 5:00 p.m. JST.


Categories and targets 

For Pwn2Own Automotive 2026, the contest expands to six categories. Here are the categories and their corresponding targets. 


Tesla 

At Pwn2Own Automotive 2024, Synacktiv secured the coveted Master of Pwn title after successfully exploiting a Tesla not once, but twice. Tesla, which will again serve as the title sponsor, remains the only category offering double-digit Master of Pwn points, making it the most rewarding and challenging target. For example, a successful compromise of Tesla’s Autopilot feature can earn participants at least 20 points and perhaps even a ride home. 

Here are the targets for Tesla: 

  • Tuner 
  • Infotainment 
  • TCU (Telematics Control Unit) 
  • Charge Port ECU (via Charging Connector) 
  • VCSEC (via CAN Bus) 
  • Gateway (via Diagnostic/Infotainment Ethernet)
  • Any Tesla ECU 
  • AutoPilot 

Participants attempting Tesla exploits are required to perform them against a benchtop setup equivalent to a Ryzen-based Tesla Model 3/Y. They must also notify the ZDI at least two weeks before the contest to give organizers time to source the necessary hardware. 

 

In-vehicle infotainment (IVI) systems 

During Pwn2Own Automotive 2024, the NCC Group unleashed a two-bug chain against the Alpine Halo9 iLX-F509 IVI, which enabled them to run Doom on the Alpine device. Beyond its novelty, the exploit underscored how deeply integrated and exposed IVI systems have become, combining entertainment, navigation, and connectivity functions that also expand the vehicle’s attack surface. 

Participants attempting to exploit these systems must attack the exposed services, communication protocols, or physical interfaces accessible to a typical user. 

Here are the targets for the IVI Category: 

  • Sony XAV-9500ES 
  • Alpine iLX-F511 
  • Kenwood DNR1007XR 

 

Level 3 electric vehicle (EV) chargers 

Alpitronic joins Pwn2Own Automotive 2026 as a new title sponsor, and Level 3 EV chargers (so-called “superchargers”) are now one of the new categories. Attempts in this category must target the charger’s exposed services, communication protocols, or any physical interfaces that a typical user can access.

Here is the target for the Level 3 EV Chargers Category: 

  • Alpitronic HYC50 

 

Level 2 electric vehicle (EV) chargers 

This category has consistently been the most popular at past Pwn2Own Automotive contests, accounting for over half of all discoveries each year. In 2025, security researchers showcased “add-ons” that manipulated protocols and signals through or even originating from the charging connector. These findings underscored a key insight: exploit chains can extend both to and from charging devices, making them potential gateways for compromising vehicles and connected systems. 

As in the IVI systems category, an attempt in the EV chargers category must also be launched against a target’s exposed services, communication protocols, or physical interfaces accessible to a typical user. 

Here are the targets for the Level 2 EV Chargers Category: 

  • ChargePoint Home Flex (Model CPH50) 
  • Phoenix Contact CHARX SEC-3150 
  • Ford Connected Charge Station 
  • Grizzl-E Smart Level 2 
  • EMPORIA Pro Charger Level 2 
  • Tesla Universal Wall Connector 
  • Autel MaxiCharger AC Elite Home 40A EV Charger 
  • Ubiquiti Connect EV Station Pro 

 

Open Charge Alliance 

Also new for the 2026 contest is the Open Charge Alliance category. The Open Charge Point Protocol (OCPP) is designed to standardize communication between charge points and central systems, which could therefore present an attractive attack surface. 

Here is the target for the Open Charge Alliance Category: 

  • OCPP Compliance Test Tool (OCTT) 

 

Operating systems 

A vehicle’s operating system (OS) coordinates hardware and software, supporting both critical and non-critical functions. Needless to say, any vulnerabilities within a vehicle’s OS must be uncovered and addressed early on. 

Past Pwn2Own Automotive contests saw Automotive Grade Linux successfully compromised. Will the other OS targets finally be exploited in 2026?

Here are the targets for the Operating Systems Category: 

  • Automotive Grade Linux 
  • BlackBerry QNX 
  • Android Automotive OS 

 

Advancing automotive cybersecurity through zero-day vulnerability discovery 

As the leader in automotive threat intelligence, VicOne remains committed to uncovering zero-day vulnerabilities and strengthening defenses across an increasingly complex automotive ecosystem. VicOne looks forward to the discoveries that participating security researchers will find at Pwn2Own Automotive 2026. Their efforts not only push the boundaries of automotive cybersecurity but also contribute to building safer, more resilient connected vehicles in a rapidly evolving threat landscape. 

For a detailed overview of the rules and targets for Pwn2Own Automotive 2026, read the ZDI’s blog post. 


For further updates on Pwn2Own Automotive 2026, visit the official event page and follow the social media accounts and blog posts from VicOne (LinkedIn, X, blog) and the ZDI (LinkedIn, X, blog).
