Arbitrary code execution breaking sandboxes in KDE Plasma
Summary
The article provides a PoC demonstrating a sandbox escape in KDE Plasma by abusing argv0 to spawn arbitrary host binaries from a sandboxed Flatpak app. It includes build-and-run steps, risky payloads, and discusses potential mitigations and why the issue remains unpatched in KDE Plasma at the time of writing.