Top 10 for LLM Applications 2025

• Publisher: OWASP
• Status: final
• Version: 2025
• Release Date: 2024-11-17
• Date Added: 2025-08-28
• Source URL: https://genai.owasp.org/llm-top-10/

---

Summary

OWASP's Top 10 for LLM Applications catalogs the most critical technical risks specific to large language model based systems. The 2025 edition highlights threats such as prompt injection and insecure output handling. Each risk is paired with concrete attack scenarios and recommended mitigations, enabling developers and security teams to harden LLM applications against real-world adversarial behavior.

---

Key Takeaways

• Describes the 10 most critical LLM-specific risks, from prompt injection to model denial of service.
• Provides attack examples and mitigation strategies for each risk.
• Expands beyond LLM core models to include ecosystem vulnerabilities (plugins, vector databases, APIs).
• Addresses both confidentiality and integrity risks.
• Serves as a baseline threat model for securing generative AI applications.
• Maps risks to MIRTRE ATLAS, NIST taxonomies.

---

Additional Sources

• GenAI Security Project Github

---

Tags

llm, gen-ai, adversarial-ml, top10, mitigations

---

License

CC-BY-SA-4.0