CWE-330 - Use of Insufficiently Random Values

The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.