What is OWASP LLM05 (2023) Supply Chain Vulnerabilities?
Supply chain vulnerabilities in 2023 focused on compromised or untrusted components in the LLM stack - pre-trained weights, plugins, and deployment artifacts.
What this looks like in production
This rose to LLM03 in the 2025 ranking as third-party dependencies became the default architecture for production GenAI, including MCP servers and agent marketplaces.