Many threats face modern software applications. It’s smart to keep updated on the latest exploits and security vulnerabilities; having benchmarks for such vulnerabilities is paramount to ensure application security before an attack occurs.
The Open Web Application Security Project (OWASP) is a trusted nonprofit foundation that publishes software security analysis. The group is well-known for its yearly roundup of top web application vulnerabilities. Since 2019, they also release an API security vulnerabilities list as well.
https://curity.io/resources/learn/owasp-top-ten/