diff --git a/security-actions/sca/action.yml b/security-actions/sca/action.yml
index 76fc93cff..d06dae961 100644
--- a/security-actions/sca/action.yml
+++ b/security-actions/sca/action.yml
@@ -302,7 +302,7 @@ runs:
     - name: Upload SARIF to GitHub Code Scanning (Public Repos)
       if: ${{ inputs.codeql_upload == 'true' && steps.grype_analysis_sarif.conclusion == 'success' && github.event.repository.visibility == 'public' }}
       continue-on-error: true
-      uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
+      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
       with:
         sarif_file: ${{ steps.meta.outputs.grype_sarif_file }}
         category: sca