diff --git a/.github/workflows/vulnerability-scans.yaml b/.github/workflows/vulnerability-scans.yaml
index af7d8bda1..de7d777a7 100644
--- a/.github/workflows/vulnerability-scans.yaml
+++ b/.github/workflows/vulnerability-scans.yaml
@@ -44,6 +44,15 @@ jobs:
           echo "${TAGS_JSON}"
           echo "TAGS=${TAGS_JSON}" >> $GITHUB_OUTPUT
 
+  govulncheck:
+    name: Run govulncheck
+    runs-on: ubuntu-latest
+    steps:
+      - name: Scan for vulnerabilities in go code
+        uses: golang/govulncheck-action@v1
+        with:
+          check-latest: true
+
   scan:
     runs-on: ubuntu-latest
     needs: version