A10: Mishandling of Exceptional Conditions

A09: Security Logging and Alerting Failures

A08: Software or Data Integrity Failures

Secure Development in OpenMRS: OWASP Top 10

A07: Authentication Failures

A06: Insecure Design

A05: Injection

A04: Cryptographic Failures

A03: Software Supply Chain Failures

A02: Security Misconfiguration