diff --git a/.github/workflows/sbom-vulns.yml b/.github/workflows/sbom-vulns.yml
index 21f8af91..05b4e0e6 100644
--- a/.github/workflows/sbom-vulns.yml
+++ b/.github/workflows/sbom-vulns.yml
@@ -32,7 +32,7 @@ jobs:
 
       # Scan the CDX SBOM with Grype
       - name: Grype Scan SBOM
-        uses: anchore/scan-action@v4.1.2
+        uses: anchore/scan-action@v5.2.0
         id: scan
         with:
           output-format: sarif