diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 3488cae..b846a0b 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -90,7 +90,7 @@ jobs:
 
       - name: Upload Trivy results to GitHub Security tab
         if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: 'trivy-api-results.sarif'
           category: 'docker-api'
@@ -165,7 +165,7 @@ jobs:
 
       - name: Upload Trivy results to GitHub Security tab
         if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: 'trivy-dashboard-results.sarif'
           category: 'docker-dashboard'
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index b33c330..e0b66cc 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -34,7 +34,7 @@ jobs:
           ignore-unfixed: true
 
       - name: Upload Trivy results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'