The OWASP Top 10 for Large Language Model (LLM) Applications is a community-driven list identifying the most critical security risks specific to LLMs and generative AI systems. It highlights vulnerabilities such as prompt injection, where attackers manipulate input prompts to cause unauthorized actions; insecure output handling, which can lead to exploits like code execution; training data poisoning that corrupts model behavior; denial of service attacks targeting model availability; and supply chain vulnerabilities affecting system integrity. Other key risks include sensitive information disclosure, insecure plugin design, excessive agency granting LLMs unchecked autonomy, overreliance on LLM outputs, and model theft. The list aims to educate developers and organizations on these threats, providing mitigation strategies to improve the security posture of LLM applications.
Publication's URL
https://owasp.org/www-project-top-10-for-large-language-model-applications/Additional documents on this topic
- OWASP LLM Applications Cybersecurity and Governance Checklist v1.1
- OWASP Practical Guide for Secure MCP Server Development
- NIST IR 8596 Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile): NIST Community Profile ★★★★★
- ETSI EN 304 223: Securing Artificial Intelligence (SAI) – Baseline Cyber Security Requirements for AI Models and Systems
- CSA Data Security within AI Environments