diff --git a/.github/workflows/dependency-review-vulnerability.yml b/.github/workflows/dependency-review-vulnerability.yml
index 2bf7c3b..8f1c3b3 100644
--- a/.github/workflows/dependency-review-vulnerability.yml
+++ b/.github/workflows/dependency-review-vulnerability.yml
@@ -3,7 +3,7 @@ name: Dependency Review - Vulnerability
 ###
 # This workflow analyzes dependencies introduced by pull requests to help identify security vulnerabilities.
 #
-# To override the default configuration preset, set the `DEPENDENCY_REVIEW_CONFIG_PRESET` variable in the repository settings.
+# To override the default configuration preset, set the `DEPENDENCY_REVIEW_VULNERABILITY_CONFIG_PRESET` variable in the repository settings.
 # The default preset is "vulnerability-high". This preset has this behavior:
 #
 # Fail if a dependency is found in the dependency tree with a high severity or greater. 
@@ -24,12 +24,34 @@ jobs:
     # Skip on merge group events
     if: ${{ github.event_name == 'pull_request' }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
           persist-credentials: false
+      - name: Choose config preset
+        id: preset
+        env:
+          DEFAULT_PRESET: 'vulnerability-high'
+          OVERRIDE_PRESET: ${{ vars.DEPENDENCY_REVIEW_VULNERABILITY_CONFIG_PRESET }}
+          ALLOWED_PRESETS: 'vulnerability-high vulnerability-high-cve-2026-34040'
+        run: |
+          if [ -z "${OVERRIDE_PRESET:-}" ]; then
+            echo "Using default config preset: $DEFAULT_PRESET"
+            CONFIG_PRESET="$DEFAULT_PRESET"
+          else
+            if echo " $ALLOWED_PRESETS " | grep -q " $OVERRIDE_PRESET "; then
+              echo "Using override config preset: $OVERRIDE_PRESET"
+              CONFIG_PRESET="$OVERRIDE_PRESET"
+            else
+              echo "::warning::Invalid override preset '$OVERRIDE_PRESET'. Falling back to default '$DEFAULT_PRESET'."
+              CONFIG_PRESET="$DEFAULT_PRESET"
+            fi
+          fi
+
+          echo "preset=$CONFIG_PRESET" | tee -a "$GITHUB_OUTPUT"
+
       - name: Dependency Review
         uses: smartcontractkit/.github/actions/dependency-review@dependency-review/v2
         with:
-          config-preset: vulnerability-high
+          config-preset: ${{ steps.preset.outputs.preset }}
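Review bot: The allowlist check in the "Choose config preset" step uses `$OVERRIDE_PRESET` as a grep regular expression, so a value containing metacharacters (for example `vulnerability-high.*`) matches the padded `ALLOWED_PRESETS` string, passes as "allowed", and is then forwarded verbatim as `config-preset` to the dependency-review action, which defeats the purpose of the allowlist. Reading the variable through `env` rather than interpolating it into the script is the right call, and repository variables are presumably only settable by people with elevated repository access, but the validation itself should do an exact string match: `if echo " $ALLOWED_PRESETS " | grep -qF -- " $OVERRIDE_PRESET "; then`, or a loop over `$ALLOWED_PRESETS` comparing with `[ "$p" = "$OVERRIDE_PRESET" ]`, which also rejects values containing whitespace or newlines. It would also be worth echoing the override only in the `::warning::` line after it has been rejected, so a multi-line value cannot smuggle additional workflow commands into the log. The job definition continues above the hunk.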