BETA RELEASE

Top 10 for Large Language Model Applications

Secondary report OWASP Foundation
Accessed: 2026-05-01
Original source ↗ Archived copy ↗

Summary

A list of the ten most critical security vulnerabilities for LLM applications, now part of the broader OWASP GenAI Security Project.

Key quotes

LLM01: Prompt Injection Manipulating LLMs via crafted inputs can lead to unauthorized access, data breaches, and compromised decision-making.

This page serves as the entry point for the OWASP Top 10 for LLM Applications, which has evolved into the comprehensive OWASP GenAI Security Project. It outlines ten primary security risks ranging from prompt injection to model theft.