diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 19fa8f474762f39d7ce3c817416bcadb281d67b1..deeed5fe122c95bc3c25945c6b1cc15268930013 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -19,7 +19,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37 # 0.31.0
+        uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0
         with:
           scan-type: 'fs'
           format: 'sarif'
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index e961b24fc8a5e8b1b027fcd8c3c39d059e857f24..4979cf435765e554d91a990aca0b6d242ee33526 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -31,7 +31,7 @@ repos:
           - "-i"
           - "CHANGELOG.md"
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 41.13.0
+    rev: 41.23.5
     hooks:
       - id: renovate-config-validator
   - repo: https://github.com/google/yamlfmt.git