diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 9ab07d0e0..6459bce4e 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -210,13 +210,13 @@ jobs:
           files: |
             release/*
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'trivy-results'
           category: ${{ matrix.flavor }}-${{ matrix.flavor_release }}-${{ matrix.variant }}-${{ matrix.arch }}-${{ matrix.model }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'grype-results'