diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 739948be55b25..104c32318cd2b 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -170,7 +170,7 @@ jobs:
 
       # Check for any typos
       - name: Check for typos
-        uses: crate-ci/typos@v1.22.7
+        uses: crate-ci/typos@v1.22.9
         with:
           config: .github/workflows/typos.toml
 
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 07581dfef4fca..6416cb43e3171 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -114,7 +114,7 @@ jobs:
           echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d
+        uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2
         with:
           image-ref: ${{ steps.build.outputs.image }}
           format: sarif