diff --git a/.github/workflows/pr-trivy.yaml b/.github/workflows/pr-trivy.yaml
index 2f2b7aa..0dd92ce 100644
--- a/.github/workflows/pr-trivy.yaml
+++ b/.github/workflows/pr-trivy.yaml
@@ -13,7 +13,7 @@ jobs:
           egress-policy: audit
 
       - name: Trivy fs scan
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+        uses: aquasecurity/trivy-action@f781cce5aab226378ee181d764ab90ea0be3cdd8 # 0.25.0
         with:
           scan-type: 'fs'
           ignore-unfixed: true
diff --git a/.github/workflows/report-on-vulnerabilities.yaml b/.github/workflows/report-on-vulnerabilities.yaml
index 97d10f3..caf5670 100644
--- a/.github/workflows/report-on-vulnerabilities.yaml
+++ b/.github/workflows/report-on-vulnerabilities.yaml
@@ -19,7 +19,7 @@ jobs:
         egress-policy: audit
 
     - name: Scan for vulnerabilities
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@f781cce5aab226378ee181d764ab90ea0be3cdd8 # 0.25.0
       with: 
         image-ref: ghcr.io/doodlescheduling/swagger-hub-controller:latest
         format: json