diff --git a/.github/workflows/check-vulnerabilities.yml b/.github/workflows/check-vulnerabilities.yml
new file mode 100644
index 0000000000..3756013356
--- /dev/null
+++ b/.github/workflows/check-vulnerabilities.yml
@@ -0,0 +1,55 @@
+# Copyright 2023 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: Check Vulnerabilities Workflow
+
+on:
+  pull_request:
+    branches:
+      - master
+      - develop
+
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+    branches:
+      - master
+      - develop
+
+jobs:
+  check-vulnerabilities:
+    name: Check vulnerabilities job
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code into the directory
+        uses: actions/checkout@v3
+
+      - name: Setup Go environment explicitly
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.19"
+          check-latest: false
+
+      - name: Install govulncheck
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest
+
+      - name: Run govulncheck
+        run: govulncheck ./...
+
+      # NOTE: Tried using the official action below but is unreliable.
+      # - name: Run govulncheck
+      #   uses: golang/govulncheck-action@v1
+      #   with:
+      #     go-version-input: 1.19
+      #     go-package: ./...
+      #     check-latest: true
+      #     cache: false