Konsole is KDE's terminal emulator.
Konsole supports loading URLs from the scheme handlers such as telnet://URL. This can be executed regardless of whether the telnet binary is available. It would fallback to bash in that case and execute arbitrary code.
Clicking a malicious URL in a browser may lead to arbitrary code execution. Please review the referenced CVE identifier for details.
There is no known workaround at this time.
All Konsole users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=kde-apps/konsole-24.12.3-r1"