One important security vulnerability fixed in the KDE Plasma 5.12 LTS desktop environment is a USB exploit that could allow a local attacker with physical access to the unpatched computer to execute arbitrary commands if the malicious USB flash drive was mounted via the removable device notifier function and contained certain characters in its volume label. All KDE Plasma users running a previous version of the desktop environment should update their installations to the latest KDE Plasma 5.12 LTS release as soon as possible. The new version is already available in the software repositories of popular GNU/Linux distributions like Kubuntu/Ubuntu, Arch Linux, OpenSuSE, and others, so there’s nothing holding you back to update it right now.