diff --git a/.github/workflows/sign.yaml b/.github/workflows/sign.yaml
index c8420ef..30fe889 100644
--- a/.github/workflows/sign.yaml
+++ b/.github/workflows/sign.yaml
@@ -42,7 +42,7 @@ jobs:
         password: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Scan Image
-      uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee  # 0.9.2
+      uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca  # 0.16.1
       with:
         scan-type: image
         security-checks: vuln
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 912c11f..606f36b 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -79,7 +79,7 @@ jobs:
         yamllint_config_filepath: .yamllint
 
     - name: Scan Repo
-      uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee  # 0.9.2
+      uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca  # 0.16.1
       with:
         scan-type: 'fs'
         ignore-unfixed: true