diff --git a/.github/workflows/sign.yaml b/.github/workflows/sign.yaml
index c8420ef..44d1c78 100644
--- a/.github/workflows/sign.yaml
+++ b/.github/workflows/sign.yaml
@@ -42,7 +42,7 @@ jobs:
         password: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Scan Image
-      uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee  # 0.9.2
+      uses: aquasecurity/trivy-action@91713af97dc80187565512baba96e4364e983601  # 0.16.0
       with:
         scan-type: image
         security-checks: vuln
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 912c11f..355ab3d 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -79,7 +79,7 @@ jobs:
         yamllint_config_filepath: .yamllint
 
     - name: Scan Repo
-      uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee  # 0.9.2
+      uses: aquasecurity/trivy-action@91713af97dc80187565512baba96e4364e983601  # 0.16.0
       with:
         scan-type: 'fs'
         ignore-unfixed: true