info Code Vulnerability
OWASP Top 10 2025 — Updated Web Application Security Risks
| Severity | info |
| Status | open |
| Date | January 1, 2026 |
| Affects | All web applications |
| Source | owasp.org |
Details
The OWASP Top 10 2025 edition. A01: Broken Access Control. A02: Security Misconfiguration. A03: Software Supply Chain Failures (NEW). A04: Cryptographic Failures. A05: Injection. A06: Insecure Design. A07: Authentication Failures. A08: Software/Data Integrity Failures. A09: Security Logging/Alerting Failures. A10: Mishandling of Exceptional Conditions (NEW).