diff --git a/.github/actions/security-scans/action.yml b/.github/actions/security-scans/action.yml
index 521b59b8..1af8e7c4 100644
--- a/.github/actions/security-scans/action.yml
+++ b/.github/actions/security-scans/action.yml
@@ -58,7 +58,7 @@ runs:
         sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' snyk.sarif
 
     - name: Upload result to GitHub Code Scanning
-      uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4
+      uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4
       if: ${{ hashFiles('snyk.sarif') != '' }}
       with:
         sarif_file: snyk.sarif
@@ -74,7 +74,7 @@ runs:
         output: 'trivy-results.sarif'
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4
+      uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4
       if: ${{ hashFiles('trivy-results.sarif') != '' }}
       with:
         sarif_file: 'trivy-results.sarif'