diff --git a/.github/workflows/ci-enhanced.yml b/.github/workflows/ci-enhanced.yml
index 3a45710f..332de710 100644
--- a/.github/workflows/ci-enhanced.yml
+++ b/.github/workflows/ci-enhanced.yml
@@ -492,7 +492,7 @@ jobs:
         output: trivy-results.sarif
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: trivy-results.sarif
 
diff --git a/.github/workflows/deploy-enhanced.yml b/.github/workflows/deploy-enhanced.yml
index 9bb8a1fd..74210191 100644
--- a/.github/workflows/deploy-enhanced.yml
+++ b/.github/workflows/deploy-enhanced.yml
@@ -238,7 +238,7 @@ jobs:
           output: trivy-results.sarif
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
           sarif_file: trivy-results.sarif
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 4f06c401..05c7668b 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -212,7 +212,7 @@ jobs:
         generateSarif: "1"
 
     - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: semgrep.sarif
       if: always()