OWASP API Security Top 10 Vulnerabilities: 2019


This was the first API Security specific Top 10 vulnerabilities list provided by the OWASP project. Read more about why a separate list was needed and how API vulnerabilities differ from web application vulnerabilities. Even though some of these vulnerabilities have fallen off the 2023 OWASP list, it does not mean that any of the below vulnerabilities should be ignored.

OWASP API security resources

Here are some additional resources and information on the OWASP API Security Top 10: