A potential remote code execution (RCE) vulnerability has been patched in one of Starbucks’ mobile domains. A CVE has not been issued for the critical vulnerability but a severity score of 9.8 has been added to the report.