diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index df89da5..dba2adb 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -101,7 +101,7 @@ jobs:
           docker run --rm --entrypoint which phpbu:ci-full gpg
 
       - name: Run Trivy on minimal
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
+        uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
         with:
           image-ref: phpbu:ci
           format: 'sarif'
@@ -110,7 +110,7 @@ jobs:
           exit-code: '1'
 
       - name: Run Trivy on full
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
+        uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
         with:
           image-ref: phpbu:ci-full
           format: 'sarif'
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index da41bb0..8ea808b 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -37,7 +37,7 @@ jobs:
           load: true
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
+        uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
         with:
           image-ref: phpbu:${{ matrix.variant }}
           format: 'sarif'