diff --git a/.github/workflows/check-vulnerabilities.yaml b/.github/workflows/check-vulnerabilities.yaml
index 8cc106f..fb05424 100644
--- a/.github/workflows/check-vulnerabilities.yaml
+++ b/.github/workflows/check-vulnerabilities.yaml
@@ -16,7 +16,7 @@ jobs:
     runs-on: "${{ inputs.runs_on}}"
     steps:
       - name: Install Cosign
-        uses: sigstore/cosign-installer@b18d21aaa20ef40c4e681202a598b7591d5be577 # ratchet:sigstore/cosign-installer@main
+        uses: sigstore/cosign-installer@e40248c492a99ad409432e2ea978d7a2811f2e1f # ratchet:sigstore/cosign-installer@main
         with:
           cosign-release: 'v1.13.1'
       - name: Check install!