diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 3d06eba..77e3577 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -54,7 +54,7 @@ jobs:
           output: vuln-report.json
 
       - name: Upload Vulnerability Report
-        uses: actions/upload-artifact@v4.6.2
+        uses: actions/upload-artifact@v5
         with:
           name: vuln-report
           path: vuln-report.json
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
index 0d6bc99..32e1e23 100644
--- a/.github/workflows/integration-test.yml
+++ b/.github/workflows/integration-test.yml
@@ -115,7 +115,7 @@ jobs:
 
     - name: Upload test artifacts
       if: always()
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: integration-test-artifacts
         path: |
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 3721288..5d7d3fc 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -47,7 +47,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: SARIF file
           path: results.sarif