diff --git a/.github/workflows/lib-publish.yaml b/.github/workflows/lib-publish.yaml
index a2be6086d..691275fa6 100644
--- a/.github/workflows/lib-publish.yaml
+++ b/.github/workflows/lib-publish.yaml
@@ -79,7 +79,7 @@ jobs:
         run: |
           ORG=${{ inputs.registry }} TAG=${{ inputs.image_tag }} make ${IMAGE_NAME} BUILDER=docker
       - name: Trivy scan for image
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
         with:
           scan-type: image
           image-ref: ${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }}
diff --git a/.github/workflows/lib-trivy.yaml b/.github/workflows/lib-trivy.yaml
index e8bc1cfee..8db1b63af 100644
--- a/.github/workflows/lib-trivy.yaml
+++ b/.github/workflows/lib-trivy.yaml
@@ -32,7 +32,7 @@ jobs:
     - name: Checkout
       uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4
     - name: Run Trivy in config mode for deployments
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: config
         scan-ref: deployments/
@@ -50,7 +50,7 @@ jobs:
     - name: Checkout
       uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4
     - name: Run Trivy in config mode for dockerfiles
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: config
         scan-ref: build/docker/
@@ -64,7 +64,7 @@ jobs:
     - name: Checkout
       uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4
     - name: Run Trivy in fs mode
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: fs
         scan-ref: .
@@ -82,7 +82,7 @@ jobs:
       uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4
     - name: Run Trivy in fs mode
       continue-on-error: true
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: fs
         scan-ref: .
@@ -91,7 +91,7 @@ jobs:
         format: json
         output: trivy-report.json
     - name: Show report in human-readable format
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: convert
         vuln-type: ''
@@ -100,7 +100,7 @@ jobs:
         format: table
     - name: Convert report to sarif
       if: ${{ inputs.upload-to-github-security-tab }}
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: convert
         vuln-type: ''
@@ -115,7 +115,7 @@ jobs:
         sarif_file: trivy-report.sarif
     - name: Convert report to csv
       if: ${{ inputs.export-csv }}
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
+      uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # 0.27.0
       with:
         scan-type: convert
         vuln-type: ''