diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 15262d4..c228dd7 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -319,14 +319,14 @@ jobs:
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.30
+      - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # 0.30
         with:
           scan-type: fs
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.30
+      - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # 0.30
         with:
           scan-type: fs
           format: sarif
@@ -359,14 +359,14 @@ jobs:
           cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
           load: true
 
-      - uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.30
+      - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # 0.30
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.30
+      - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # 0.30
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: sarif
@@ -390,7 +390,7 @@ jobs:
         with:
           fetch-depth: (${{ github.event.pull_request.commits || 2 }} + 1)
 
-      - uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3
+      - uses: trufflesecurity/trufflehog@7c0734f987ad0bb30ee8da210773b800ee2016d3 # v3
         with:
           extra_args: --results=verified,unknown