diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index fd61668de8..2b57dcea09 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -58,13 +58,13 @@ jobs:
       uses: advanced-security/spdx-dependency-submission-action@v0.0.1
 
     - name: Upload Trivy scan results to GitHub Security tab [all]
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: 'trivy-results-all.sarif'
         category: all
 
     - name: Upload Trivy scan results to GitHub Security tab [fix-available]
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: 'trivy-results-with-fix.sarif'
         category: fix-available