A recently disclosed vulnerability (CVE-2025-49091) in Konsole, KDE’s flagship terminal emulator, enables remote code execution (RCE) via specially crafted URL schemes when combined with KTelnetService and missing standard network utilities.
The issue, fixed in Konsole 25.04.2, highlights the importance of robust scheme handler validation...