Under active development — Content is continuously updated and improved

Home / Risk Lists / OWASP Top 10 for LLMs

OWASP Top 10 for LLMs v2.0

Security risks for Large Language Model applications

This is a reference tool, not an authoritative source. For official documentation, visit genai.owasp.org.

10 risks

Access Control — Risks from excessive permissions and agency granted to models

LLM06Excessive Agency

Configuration — Risks from system prompt and configuration exposure

LLM07System Prompt Leakage

Data Security — Risks related to sensitive data exposure and leakage

LLM02Sensitive Information Disclosure

Infrastructure — Risks related to embeddings, vectors, and RAG systems

LLM08Vector and Embedding Weaknesses

Model Integrity — Risks affecting the integrity of model behavior and outputs

LLM04Data and Model Poisoning

Output Security — Risks from improper handling of model-generated content

LLM05Improper Output Handling

Prompt Security — Risks related to prompt manipulation and injection attacks

LLM01Prompt Injection

Reliability — Risks from hallucinations and misinformation

LLM09Misinformation

Resource Management — Risks from unbounded resource consumption

LLM10Unbounded Consumption

Supply Chain — Risks from third-party components, models, and data sources

LLM03Supply Chain