diff --git a/2025/docs/assets/OG-images/A01-OG.png b/2025/docs/assets/OG-images/A01-OG.png
new file mode 100644
index 000000000..e00a76e59
Binary files /dev/null and b/2025/docs/assets/OG-images/A01-OG.png differ
diff --git a/2025/docs/assets/OG-images/A02-OG.png b/2025/docs/assets/OG-images/A02-OG.png
new file mode 100644
index 000000000..2fc16641f
Binary files /dev/null and b/2025/docs/assets/OG-images/A02-OG.png differ
diff --git a/2025/docs/assets/OG-images/A03-OG.png b/2025/docs/assets/OG-images/A03-OG.png
new file mode 100644
index 000000000..8fc759c8a
Binary files /dev/null and b/2025/docs/assets/OG-images/A03-OG.png differ
diff --git a/2025/docs/assets/OG-images/A04-OG.png b/2025/docs/assets/OG-images/A04-OG.png
new file mode 100644
index 000000000..267032d1f
Binary files /dev/null and b/2025/docs/assets/OG-images/A04-OG.png differ
diff --git a/2025/docs/assets/OG-images/A05-OG.png b/2025/docs/assets/OG-images/A05-OG.png
new file mode 100644
index 000000000..c4571e091
Binary files /dev/null and b/2025/docs/assets/OG-images/A05-OG.png differ
diff --git a/2025/docs/assets/OG-images/A06-OG.png b/2025/docs/assets/OG-images/A06-OG.png
new file mode 100644
index 000000000..41c90281a
Binary files /dev/null and b/2025/docs/assets/OG-images/A06-OG.png differ
diff --git a/2025/docs/assets/OG-images/A07-OG.png b/2025/docs/assets/OG-images/A07-OG.png
new file mode 100644
index 000000000..ce9349ff0
Binary files /dev/null and b/2025/docs/assets/OG-images/A07-OG.png differ
diff --git a/2025/docs/assets/OG-images/A08-OG.png b/2025/docs/assets/OG-images/A08-OG.png
new file mode 100644
index 000000000..aea8ba7ac
Binary files /dev/null and b/2025/docs/assets/OG-images/A08-OG.png differ
diff --git a/2025/docs/assets/OG-images/A09-OG.png b/2025/docs/assets/OG-images/A09-OG.png
new file mode 100644
index 000000000..5ec81bba7
Binary files /dev/null and b/2025/docs/assets/OG-images/A09-OG.png differ
diff --git a/2025/docs/assets/OG-images/A10-OG.png b/2025/docs/assets/OG-images/A10-OG.png new file mode 100644 index 000000000..ff82549ad Binary files /dev/null and b/2025/docs/assets/OG-images/A10-OG.png differ diff --git a/2025/docs/assets/OG-images/Global-OG-Alt.png b/2025/docs/assets/OG-images/Global-OG-Alt.png new file mode 100644 index 000000000..cd7a838ab Binary files /dev/null and b/2025/docs/assets/OG-images/Global-OG-Alt.png differ diff --git a/2025/docs/assets/OG-images/Global-OG.png b/2025/docs/assets/OG-images/Global-OG.png new file mode 100644 index 000000000..39c08bdd2 Binary files /dev/null and b/2025/docs/assets/OG-images/Global-OG.png differ diff --git a/2025/docs/en/0x00_2025-Introduction.md b/2025/docs/en/0x00_2025-Introduction.md index 61664e959..e1aa9db75 100644 --- a/2025/docs/en/0x00_2025-Introduction.md +++ b/2025/docs/en/0x00_2025-Introduction.md @@ -1,3 +1,8 @@ +--- +title: "Introduction to the OWASP Top 10:2025" +description: "Introduction to the OWASP Top 10:2025 - Learn what's changed, the methodology behind the rankings, and how to use this document to improve your security posture." +--- + ![OWASP Logo](../assets/TOP_10_logo_Final_Logo_Colour.png) # The Ten Most Critical Web Application Security Risks diff --git a/2025/docs/en/0x01_2025-About_OWASP.md b/2025/docs/en/0x01_2025-About_OWASP.md index a4103e922..bf62ace53 100644 --- a/2025/docs/en/0x01_2025-About_OWASP.md +++ b/2025/docs/en/0x01_2025-About_OWASP.md @@ -1,3 +1,8 @@ +--- +title: "About OWASP - The Open Worldwide Application Security Project" +description: "Learn about the OWASP Foundation, an open community dedicated to enabling organizations to develop, purchase, and maintain secure applications and APIs." +--- + # About OWASP The Open Worldwide Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications and APIs that can be trusted. 
diff --git a/2025/docs/en/0x02_2025-What_are_Application_Security_Risks.md b/2025/docs/en/0x02_2025-What_are_Application_Security_Risks.md index df1e9d066..2489cbfdf 100644 --- a/2025/docs/en/0x02_2025-What_are_Application_Security_Risks.md +++ b/2025/docs/en/0x02_2025-What_are_Application_Security_Risks.md @@ -1,3 +1,8 @@ +--- +title: "What are Application Security Risks? - OWASP Top 10:2025" +description: "Understanding application security risks is the first step to building secure software. Learn the fundamentals of risk assessment and vulnerabilities." +--- + # What are Application Security Risks? Attackers can potentially use many different paths through your application to do harm to your business or organization. Each of these ways poses a potential risk that needs to be investigated. diff --git a/2025/docs/en/0x03_2025-Establishing_a_Modern_Application_Security_Program.md b/2025/docs/en/0x03_2025-Establishing_a_Modern_Application_Security_Program.md index 7ae94c703..7119cb82a 100644 --- a/2025/docs/en/0x03_2025-Establishing_a_Modern_Application_Security_Program.md +++ b/2025/docs/en/0x03_2025-Establishing_a_Modern_Application_Security_Program.md @@ -1,3 +1,8 @@ +--- +title: "Establishing a Modern Application Security Program - OWASP Top 10:2025" +description: "Build a comprehensive application security program. Learn best practices, tools, and processes for integrating security throughout the system's lifecycle" +--- + # Establishing a Modern Application Security Program The OWASP Top Ten lists are awareness documents, meant to bring awareness to the most critical risks of whichever topic they cover. They are not meant to be a complete list, only a starting place. In previous versions of this list we have prescribed starting an application security program as the best way to avoid these risks, and more. In this section we will cover how to start and build a modern application security program. 
diff --git a/2025/docs/en/A01_2025-Broken_Access_Control.md b/2025/docs/en/A01_2025-Broken_Access_Control.md index 575192150..c30b18e7a 100644 --- a/2025/docs/en/A01_2025-Broken_Access_Control.md +++ b/2025/docs/en/A01_2025-Broken_Access_Control.md @@ -1,3 +1,10 @@ +--- +title: "A01:2025 Broken Access Control - OWASP Top 10" +description: "When access checks are missing or bypassable, users act outside their permissions. When this happens, attackers can read, change, or delete data" +og_type: "article" +og_image: "assets/OG-images/A01-OG.png" +--- + # A01:2025 Broken Access Control ![icon](../assets/TOP_10_Icons_Final_Broken_Access_Control.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A02_2025-Security_Misconfiguration.md b/2025/docs/en/A02_2025-Security_Misconfiguration.md index 9dfcf4d17..650c41296 100644 --- a/2025/docs/en/A02_2025-Security_Misconfiguration.md +++ b/2025/docs/en/A02_2025-Security_Misconfiguration.md @@ -1,3 +1,10 @@ +--- +title: "A02:2025 Security Misconfiguration - OWASP Top 10" +description: "When systems are configured insecurely or with defaults, attackers exploit open services, weak permissions, or verbose errors to gain access or leak data" +og_type: "article" +og_image: "assets/OG-images/A02-OG.png" +--- + # A02:2025 Security Misconfiguration ![icon](../assets/TOP_10_Icons_Final_Security_Misconfiguration.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A03_2025-Software_Supply_Chain_Failures.md b/2025/docs/en/A03_2025-Software_Supply_Chain_Failures.md index 25e70baac..009213f6c 100644 --- a/2025/docs/en/A03_2025-Software_Supply_Chain_Failures.md +++ b/2025/docs/en/A03_2025-Software_Supply_Chain_Failures.md 
@@ -1,3 +1,10 @@ +--- +title: "A03:2025 Software Supply Chain Failures - OWASP Top 10" +description: "When dependencies or build pipelines are compromised, attackers can ship malicious updates. When this happens, trusted software becomes an entry point" +og_type: "article" +og_image: "assets/OG-images/A03-OG.png" +--- + # A03:2025 Software Supply Chain Failures ![icon](../assets/TOP_10_Icons_Final_Vulnerable_Outdated_Components.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A04_2025-Cryptographic_Failures.md b/2025/docs/en/A04_2025-Cryptographic_Failures.md index d81a20b8f..303bb4aa2 100644 --- a/2025/docs/en/A04_2025-Cryptographic_Failures.md +++ b/2025/docs/en/A04_2025-Cryptographic_Failures.md @@ -1,3 +1,10 @@ +--- +title: "A04:2025 Cryptographic Failures - OWASP Top 10" +description: "When encryption, keys, or protocols are weak or misused, attackers can expose sensitive data in transit or at rest and bypass protections" +og_type: "article" +og_image: "assets/OG-images/A04-OG.png" +--- + # A04:2025 Cryptographic Failures ![icon](../assets/TOP_10_Icons_Final_Crypto_Failures.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A05_2025-Injection.md b/2025/docs/en/A05_2025-Injection.md index d72e4a3b4..0afd76318 100644 --- a/2025/docs/en/A05_2025-Injection.md +++ b/2025/docs/en/A05_2025-Injection.md @@ -1,3 +1,10 @@ +--- +title: "A05:2025 Injection - OWASP Top 10" +description: "When untrusted input is executed by an interpreter, attackers can run commands or queries. When this occurs, they can read, change, or destroy data." +og_type: "article" +og_image: "assets/OG-images/A05-OG.png" +--- + # A05:2025 Injection ![icon](../assets/TOP_10_Icons_Final_Injection.png){: style="height:80px;width:80px" align="right"} ## Background. diff --git a/2025/docs/en/A06_2025-Insecure_Design.md b/2025/docs/en/A06_2025-Insecure_Design.md index aaf212113..2bced25ad 100644 --- a/2025/docs/en/A06_2025-Insecure_Design.md 
+++ b/2025/docs/en/A06_2025-Insecure_Design.md @@ -1,3 +1,10 @@ +--- +title: "A06:2025 Insecure Design - OWASP Top 10" +description: "When security requirements and threat models are missing, applications ship with flawed workflows and missing controls that attackers can exploit." +og_type: "article" +og_image: "assets/OG-images/A06-OG.png" +--- + # A06:2025 Insecure Design ![icon](../assets/TOP_10_Icons_Final_Insecure_Design.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A07_2025-Authentication_Failures.md b/2025/docs/en/A07_2025-Authentication_Failures.md index 2d3077107..3f8e91f54 100644 --- a/2025/docs/en/A07_2025-Authentication_Failures.md +++ b/2025/docs/en/A07_2025-Authentication_Failures.md @@ -1,3 +1,10 @@ +--- +title: "A07:2025 Authentication Failures - OWASP Top 10" +description: "When systems accept wrong users as legitimate, enabling account takeover via credential stuffing or brute force" +og_type: "article" +og_image: "assets/OG-images/A07-OG.png" +--- + # A07:2025 Authentication Failures ![icon](../assets/TOP_10_Icons_Final_Identification_and_Authentication_Failures.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A08_2025-Software_or_Data_Integrity_Failures.md b/2025/docs/en/A08_2025-Software_or_Data_Integrity_Failures.md index 6c465c9b0..4e04b6359 100644 --- a/2025/docs/en/A08_2025-Software_or_Data_Integrity_Failures.md +++ b/2025/docs/en/A08_2025-Software_or_Data_Integrity_Failures.md 
@@ -1,3 +1,10 @@ +--- +title: "A08:2025 Software or Data Integrity Failures - OWASP Top 10" +description: "When integrity is not verified, untrusted code or data can be accepted as trusted, enabling supply chain attacks, tampering, or insecure deserialization" +og_type: "article" +og_image: "assets/OG-images/A08-OG.png" +--- + # A08:2025 Software or Data Integrity Failures ![icon](../assets/TOP_10_Icons_Final_Software_and_Data_Integrity_Failures.png){: style="height:80px;width:80px" align="right"} ## Background. diff --git a/2025/docs/en/A09_2025-Security_Logging_and_Alerting_Failures.md b/2025/docs/en/A09_2025-Security_Logging_and_Alerting_Failures.md index 630f0fb74..d3f029fc6 100644 --- a/2025/docs/en/A09_2025-Security_Logging_and_Alerting_Failures.md +++ b/2025/docs/en/A09_2025-Security_Logging_and_Alerting_Failures.md @@ -1,3 +1,9 @@ +--- +title: "A09:2025 Security Logging and Alerting Failures - OWASP Top 10" +description: "When events are not logged or monitored and alerts fail, attacks go unseen and incident response suffers" +og_image: "assets/OG-images/A09-OG.png" +--- + # A09:2025 Security Logging & Alerting Failures ![icon](../assets/TOP_10_Icons_Final_Security_Logging_and_Monitoring_Failures.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/A10_2025-Mishandling_of_Exceptional_Conditions.md b/2025/docs/en/A10_2025-Mishandling_of_Exceptional_Conditions.md index 6fdb956e4..5026d989e 100644 --- a/2025/docs/en/A10_2025-Mishandling_of_Exceptional_Conditions.md +++ b/2025/docs/en/A10_2025-Mishandling_of_Exceptional_Conditions.md 
@@ -1,3 +1,10 @@ +--- +title: "A10:2025 Mishandling of Exceptional Conditions - OWASP Top 10" +description: "When software fails to prevent, detect, or respond to abnormal states, causing crashes, data leaks, or fail-open flaws" +og_type: "article" +og_image: "assets/OG-images/A10-OG.png" +--- + # A10:2025 Mishandling of Exceptional Conditions ![icon](../assets/TOP_10_Icons_Final_Mishandling_of_Exceptional_Conditions.png){: style="height:80px;width:80px" align="right"} diff --git a/2025/docs/en/X01_2025-Next_Steps.md b/2025/docs/en/X01_2025-Next_Steps.md index 49d350e68..7c2160ecf 100644 --- a/2025/docs/en/X01_2025-Next_Steps.md +++ b/2025/docs/en/X01_2025-Next_Steps.md @@ -1,6 +1,11 @@ +--- +title: "Next Steps - OWASP Top 10:2025" +description: "Next steps after learning the OWASP Top 10:2025. Discover resources, training, and guidance for implementing application security in your organization." +--- + # Next Steps -By design, the OWASP Top 10 is innately limited to the ten most significant risks. Every OWASP Top 10 has “on the cusp” risks considered at length for inclusion, but in the end, didn't make the cut. The other risks were more prevalent and impactful. +By design, the OWASP Top 10 is innately limited to the ten most significant risks. Every OWASP Top 10 has "on the cusp" risks considered at length for inclusion, but in the end, didn't make the cut. The other risks were more prevalent and impactful. The following two issues are well worth the effort to identify and remediate, organizations working towards a mature appsec program, security consultancies, or tool vendors wishing to expand coverage for their offerings. diff --git a/2025/docs/en/index.md b/2025/docs/en/index.md index b03a6d174..74e369f12 100644 --- a/2025/docs/en/index.md +++ b/2025/docs/en/index.md 
@@ -1,3 +1,8 @@ +--- +title: "OWASP Top 10:2025 - The Most Critical Web Application Security Risks" +description: "The OWASP Top 10 is a standard awareness document for developers and web application security, representing a broad consensus about the most critical security risks." +--- + # OWASP Top 10:2025 Welcome to the OWASP Top 10:2025 Release. diff --git a/2025/mkdocs.yml b/2025/mkdocs.yml index 35bee0cc0..20dded121 100644 --- a/2025/mkdocs.yml +++ b/2025/mkdocs.yml @@ -9,6 +9,7 @@ theme: name: material language: en logo: assets/OWASP_Logo_Transp.png + custom_dir: overrides features: - navigation.sections - navigation.instant @@ -35,6 +36,7 @@ nav: markdown_extensions: - attr_list + - meta plugins: - search diff --git a/2025/overrides/main.html b/2025/overrides/main.html new file mode 100644 index 000000000..3df6570dc --- /dev/null +++ b/2025/overrides/main.html @@ -0,0 +1,51 @@ +{% extends "base.html" %} + +{% block extrahead %} + {{ super() }} + + {# Set defaults #} + {% set page_title = config.site_name %} + {% set page_description = config.site_description %} + {% set page_url = page.canonical_url %} + {% set page_type = "website" %} + {% set site_name = config.site_name %} + {% set og_image = config.site_url ~ "assets/OG-images/Global-OG.png" %} + + {# Override with page-specific values from frontmatter if they exist #} + {% if page and page.meta %} + {% if page.meta.title %} + {% set page_title = page.meta.title %} + {% elif page.title and not page.is_homepage %} + {% set page_title = page.title | striptags %} + {% endif %} + + {% if page.meta.description %} + {% set page_description = page.meta.description %} + {% endif %} + + {% if page.meta.og_type %} + {% set page_type = page.meta.og_type %} + {% endif %} + + {% if page.meta.og_image %} + {% set og_image = config.site_url ~ page.meta.og_image %} + {% endif %} + {% endif %} + + {# Open Graph Meta Tags #} + + + + + + + + + + + {# Twitter Card Meta Tags #} + + + + +{% endblock %}
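Review bot: The frontmatter values picked up in the `extrahead` block of overrides/main.html (`page.meta.title`, `page.meta.description`, `page.meta.og_type`, `page.meta.og_image`) are emitted into `<meta>` attribute values without any escaping in the template itself, so unless the theme's Jinja environment autoescapes (not visible here) a `"` or `<` in a page description would break out of the attribute and corrupt the document head; escaping at the point of assignment, e.g. `{% set page_description = page.meta.description | e %}`, keeps the output well-formed regardless of the environment's setting. The `<meta>` tag lines themselves appear to have been stripped from this rendering of the hunk (the runs of bare `+` lines), so the exact attributes written cannot be checked from this view. Both `config.site_url ~ "assets/OG-images/Global-OG.png"` and `config.site_url ~ page.meta.og_image` concatenate with no separator, so a `site_url` without a trailing slash yields a malformed image URL that crawlers will reject, and `page.canonical_url` is only populated when `site_url` is configured at all; a comment such as `{# site_url must end with "/" for the OG image and canonical URLs to resolve #}` next to the defaults would record that assumption. Note also that the `page_type` default of `"website"` is what A09's page receives, since its frontmatter omits `og_type` while A01–A08 and A10 set it to `"article"`.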