diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 5721578d5e5f07674e8c2067f92684fac7765ff4..69287b3c90307155164f367954f697c659a5d6c5 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -129,7 +129,7 @@ jobs:
           severity: "CRITICAL,HIGH"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
+        uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3
         if: ${{ github.event_name != 'pull_request' }}
         with:
           sarif_file: "trivy-results.sarif"
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 361f1bcdd779a3cedee8972d15f94057aa15915b..e32339c486224de3d4fd8416fe3f21ab510d1219 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -30,6 +30,6 @@ jobs:
           severity: 'CRITICAL,HIGH,MEDIUM'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
+        uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3
         with:
           sarif_file: 'trivy-results-fs.sarif'