diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 37ac83bf5b57..ca2314a7f4ed 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -55,7 +55,7 @@ jobs:
         path: ./out/artifacts   
     - name: Upload Sarif
       if: always() && steps.build.outcome == 'success'
-      uses: github/codeql-action/upload-sarif@v3.26.6
+      uses: github/codeql-action/upload-sarif@v3.26.10
       with:
         # Path to SARIF file relative to the root of the repository
         sarif_file: cifuzz-sarif/results.sarif
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 380efec2f686..3e46935e358c 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -59,6 +59,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@9b41ced437d4a4f34bf0b740f80b4e52d3c4bccd # v2.25.15
+        uses: github/codeql-action/upload-sarif@cf5b0a9041d3c1d336516f1944c96d96598193cc # v2.25.15
         with:
           sarif_file: results.sarif