And it's not only about these security problems. Running KDE apps in fakepak? Forget about desktop integration (not even font size). Need to input Chinese/Japanese/Korean characters? Forget about that too - fcitx has been broken since flatpak 1.0, never fixed since.
The way we package and distribute desktop applications on Linux surely needs to be rethinked, sadly flatpak is introducing more problems than it is solving.
Flatpak is an emerging alternative way to install applications on Linux that is apparently rife with security and usability issues. This is a bummer because there's lots of room in this space for improvement. The lack of multi-lingual input is especially egregious.