If not appropriate forum please relocate.
https://thehackernews.com/2019/08/kde-desktop-linux-vulnerability.html
IIRC a fix is already on the way
Please note the KDE Project Security Advisory notice: <https://kde.org/info/security/advisory-20190807-1.txt>.
And, also, this NIST CVE-2019-14744 notice: <https://nvd.nist.gov/vuln/detail/CVE-2019-14744>.
[HR][/HR]BTW: As an avid KDE Plasma user, I can’t find any “Key$e]=$(shell command)” entries in my ~/.config/ files … 
Mentioned here already
https://forums.opensuse.org/showthread.php/537067-Security-Advisory-for-KDE-(KDE-Frameworks-lt-5-61-0)
I’ll move this to General Chit-Chat as well.