diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index f80d9c5..4e452fe 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -125,7 +125,7 @@ jobs:
 - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
 - id: grype
- uses: anchore/scan-action@3c9a191a0fbab285ca6b8530b5de5a642cba332f # v7
+ uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7
 with:
 path: .
 fail-build: ${{ github.event_name == 'pull_request' }}
@@ -155,7 +155,7 @@ jobs:
 load: true
 - id: grype
- uses: anchore/scan-action@3c9a191a0fbab285ca6b8530b5de5a642cba332f # v7
+ uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7
 with:
 image: ${{ env.IMAGE_ID }}
 fail-build: ${{ github.event_name == 'pull_request' }}
@@ -292,13 +292,13 @@ jobs:
 steps:
 - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- - uses: anchore/sbom-action@a930d0ac434e3182448fe678398ba5713717112a # v0
+ - uses: anchore/sbom-action@0b82b0b1a22399a1c542d4d656f70cd903571b5c # v0
 with:
 output-file: "${{ github.event.repository.name }}-sbom.spdx.json"
 dependency-snapshot: true
 - id: grype
- uses: anchore/scan-action@3c9a191a0fbab285ca6b8530b5de5a642cba332f # v7
+ uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7
 with:
 sbom: "${{ github.event.repository.name }}-sbom.spdx.json"
 fail-build: ${{ github.event_name == 'pull_request' }}