Microsoft’s Windows Task Host (taskhostw.exe) contains a confirmed-exploited local privilege escalation flaw enabling any standard user to escalate to SYSTEM on Windows 11 and Windows Server 2025. The patch has been available since November 2025 but active exploitation is confirmed as of April 2026, five months later. CISA added this CVE to the Known Exploited Vulnerabilities catalog on April 14, 2026, signaling confirmed in-the-wild use.