diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 7d1e9837c8682..850c8f0c6d238 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -170,7 +170,7 @@ jobs:
 
       # Check for any typos
       - name: Check for typos
-        uses: crate-ci/typos@v1.21.0
+        uses: crate-ci/typos@v1.22.3
         with:
           config: .github/workflows/typos.toml
 
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 1bf0bf4b63180..07581dfef4fca 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -114,7 +114,7 @@ jobs:
           echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2
+        uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d
         with:
           image-ref: ${{ steps.build.outputs.image }}
           format: sarif