Mrxvt is a multi-tabbed rxvt clone with XFT, transparent background and CJK support.
Mrxvt mishandles certain escape sequences, some of which allow for shell command execution.
An attacker with sufficient access to write arbitrary text to the Mrxvt terminal could execute arbitrary code.
There is no known workaround at this time.
Gentoo has discontinued support for Mrxvt. We recommend that users remove it:
# emerge --ask --depclean "x11-terms/mrxvt"