diff --git a/.github/workflows/vulnerability-scans.yaml b/.github/workflows/vulnerability-scans.yaml
index e1d38bcbb..226586030 100644
--- a/.github/workflows/vulnerability-scans.yaml
+++ b/.github/workflows/vulnerability-scans.yaml
@@ -60,7 +60,7 @@ jobs:
 
       - name: Scan image with AquaSec/Trivy
         id: scan
-        uses: aquasecurity/trivy-action@f78e9ecf42a1271402d4f484518b9313235990e1 # v0.13.1
+        uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # v0.14.0
         with:
           image-ref: registry.k8s.io/ingress-nginx/controller:${{ matrix.versions }}
           format: 'sarif'