Insufficient Entropy
Eran Hammer cryptiles contains an Insufficient Entropy vulnerability in randomDigits(). An attacker is more likely to be able to brute force something that was supposed to be random. This attack appear to be exploitable depending upon the calling application.