diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index ba84779..2aaaee4 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,8 +28,8 @@ jobs:
         WORKFLOW=$(echo "$WORKFLOW" | cut -d '@' -f 1 | cut -d '/' -f 3-5)
         go run ./cmd/ghasum verify -cache /home/runner/work/_actions -no-evict -offline "$WORKFLOW:$JOB"
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.26.7
+      uses: github/codeql-action/init@v3.26.10
       with:
         languages: go
     - name: Perform CodeQL analysis
-      uses: github/codeql-action/analyze@v3.26.7
+      uses: github/codeql-action/analyze@v3.26.10
diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum
index 1acbfb6..6a7e8d8 100755
--- a/.github/workflows/gha.sum
+++ b/.github/workflows/gha.sum
@@ -2,7 +2,7 @@ version 1
 
 actions/checkout@v4.2.0 e6ng7MJDyAPkTZ/6d/plZK2YhZRzJZvxhYAPUPpNAzc=
 actions/setup-go@v5.0.2 n9tqUfB4OKK5aiUOExrVooiAI2s7Wcih+7CYiJHr920=
-github/codeql-action@v3.26.7 CyKIM/hsqtMpMDphedhh08SHWg5JWBATPXKH9NCaofU=
+github/codeql-action@v3.26.10 lJXAjTd9yTVVg8ZDA6TQw+Rz1dRy48g3Gs6iHIsb/+8=
 ncipollo/release-action@v1.14.0 +JAIlT/RB99JgfxlDrAcAdBnaKX4y8hyFWnHc4j7tfM=
 stefanzweifel/git-auto-commit-action@v5.0.0 t2VeG9180CmZ5/cmxvkFkN6iWoWsOjlaJ2V8rp1HDqY=
 tibdex/github-app-token@v2.1.0 ZNSBo6XSE0yxs8IkHEkVtUC9MkEeXTclXpMLl6zAmCs=
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index cfa3139..26cd720 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -33,7 +33,7 @@ jobs:
       env:
         SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
     - name: Upload Semgrep report to GitHub
-      uses: github/codeql-action/upload-sarif@v3.26.7
+      uses: github/codeql-action/upload-sarif@v3.26.10
       if: ${{ failure() || success() }}
       with:
         sarif_file: semgrep.sarif