diff --git a/.github/workflows/image-build.yaml b/.github/workflows/image-build.yaml
index 47e4bb619d..f18f4a62c9 100644
--- a/.github/workflows/image-build.yaml
+++ b/.github/workflows/image-build.yaml
@@ -123,7 +123,7 @@ jobs:
         run: make ko-build-kyverno
 
       - name: Trivy Scan Image
-        uses: aquasecurity/trivy-action@40c4ca9e7421287d0c5576712fdff370978f9c3c
+        uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
         with:
           scan-type: 'fs'
           ignore-unfixed: true
diff --git a/.github/workflows/reuse.yaml b/.github/workflows/reuse.yaml
index b6e029ece0..9f154f0ea9 100644
--- a/.github/workflows/reuse.yaml
+++ b/.github/workflows/reuse.yaml
@@ -79,7 +79,7 @@ jobs:
 
       - name: Run Trivy vulnerability scanner in repo mode
         if: ${{inputs.tag == 'release'}}
-        uses: aquasecurity/trivy-action@40c4ca9e7421287d0c5576712fdff370978f9c3c
+        uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
         with:
           scan-type: 'fs'
           ignore-unfixed: true