OWASP Top 10 for LLMS

Summary

The OWASP Top 10 for Large Language Model Applications highlights the most critical security risks in LLM applications, highlighting their potential impact, ease of exploitation, and prevalence in real-world applications.

Definitions

Definition	Requirements
LLM01:2025 Prompt Injection	160. Encode system outputs 173. Discard unsafe inputs 320. Avoid client-side control enforcement 342. Validate request parameters
LLM02:2025 Sensitive Information Disclosure	173. Discard unsafe inputs 224. Use secure cryptographic mechanisms 261. Avoid exposing sensitive information 300. Mask sensitive data 341. Use the principle of deny by default 342. Validate request parameters 375. Remove sensitive data from client-side applications
LLM03:2025 Supply Chain	262. Verify third-party components
LLM04:2025 Data and Model Poisoning	262. Verify third-party components 383. Sandboxing to limit model exposure to unverified data sources
LLM05:2025 Improper Output Handling	173. Discard unsafe inputs 265.Restrict access to critical processes 321. Avoid deserializing untrusted data 342. Validate request parameters
LLM06:2025 Excessive Agency	186.Use the principle of least privilege 382. Human in the loop
LLM10:2025 Unbounded Consumption	072. Set maximum response time 077. Avoid disclosing technical information 176. Restrict system objects 327. Set a rate limit

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.