TKOResearch
Menu
OWASP LLM Top 10 guide

LLM09:2025

Misinformation

Misinformation occurs when an AI system produces false, unsupported, outdated, or misleading output that users or downstream systems treat as reliable.

Step 01

Input

Step 02

Model

Step 03

Tool / Data

Step 04

Impact

What it is

The application does not give users enough provenance, confidence, grounding, review, or workflow limits to separate supported answers from plausible but wrong output.

Why it matters

Misinformation can affect customer support, legal and security decisions, clinical or financial workflows, executive reporting, and customer trust in product output.

Failure path

How it usually fails.

A useful review breaks this chain before the system reaches production data, tools, or customer-facing decisions.

Path 01

Ask questions where the model lacks reliable context or current facts.

Path 02

Exploit weak grounding, missing citations, ambiguous prompts, or overconfident response style.

Path 03

Push users or systems to act on unsupported output.

Defenses

Controls worth checking.

The strongest controls are enforced outside the model and can be retested after a prompt, model, or workflow change.

Control 01

Ground high-impact answers

Require citations, source snippets, freshness indicators, and answer abstention for workflows where unsupported output creates risk.

Control 02

Constrain claims

Use domain-specific answer policies, confidence thresholds, and review paths for legal, security, safety, financial, or customer-impacting claims.

Control 03

Design for uncertainty

Make the product show what is known, what is inferred, and what needs human review.

Signals to review

  • Answers with no source for factual claims.
  • Overconfident output when retrieval returned weak or empty context.
  • Users copying AI output into high-impact workflows without review.

Questions for your team

  • Which answers require source grounding?
  • Does the model clearly abstain when context is missing?
  • Where could a wrong answer create a customer, security, or legal issue?