diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 00a65f2..09f4e7f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -77,7 +77,7 @@ jobs:
           PY
       - name: Upload govulncheck SARIF
         if: always() && hashFiles('govulncheck.sarif') != ''
-        uses: github/codeql-action/upload-sarif@v4.35.5
+        uses: github/codeql-action/upload-sarif@v4.36.0
         with:
           sarif_file: govulncheck.sarif
           category: govulncheck
@@ -109,7 +109,7 @@ jobs:
           PY
       - name: Upload gosec SARIF
         if: always() && hashFiles('gosec.sarif') != ''
-        uses: github/codeql-action/upload-sarif@v4.35.5
+        uses: github/codeql-action/upload-sarif@v4.36.0
         with:
           sarif_file: gosec.sarif
           category: gosec
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 5b56966..8d63021 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -26,10 +26,10 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v6.0.2
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4.35.5
+        uses: github/codeql-action/init@v4.36.0
         with:
           languages: go
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v4.35.5
+        uses: github/codeql-action/autobuild@v4.36.0
       - name: Analyze
-        uses: github/codeql-action/analyze@v4.35.5
+        uses: github/codeql-action/analyze@v4.36.0
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 4e6471b..6767ca3 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -32,6 +32,6 @@ jobs:
           results_format: sarif
           publish_results: true
       - name: Upload SARIF
-        uses: github/codeql-action/upload-sarif@v4.35.5
+        uses: github/codeql-action/upload-sarif@v4.36.0
         with:
           sarif_file: results.sarif