diff --git a/.github/workflows/build-containers.yml b/.github/workflows/build-containers.yml
index b2234d7..79ab2a3 100644
--- a/.github/workflows/build-containers.yml
+++ b/.github/workflows/build-containers.yml
@@ -508,7 +508,7 @@ jobs:
           rm -f /tmp/security-attestation.json
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
         with:
           image-ref: local-scan:${{ steps.meta.outputs.server_name }}-${{ steps.meta.outputs.version }}
           format: 'sarif'
diff --git a/.github/workflows/periodic-security-scan.yml b/.github/workflows/periodic-security-scan.yml
index e9a220c..1cb3cf4 100644
--- a/.github/workflows/periodic-security-scan.yml
+++ b/.github/workflows/periodic-security-scan.yml
@@ -88,7 +88,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run Trivy comprehensive scan
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
         with:
           image-ref: ${{ steps.meta.outputs.image_ref }}
           format: 'sarif'
@@ -105,7 +105,7 @@ jobs:
           category: 'periodic-trivy-${{ steps.meta.outputs.server_name }}'
 
       - name: Run Trivy for detailed JSON report
-        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
         with:
           image-ref: ${{ steps.meta.outputs.image_ref }}
           format: 'json'