diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index a707d85d..0e749842 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -182,7 +182,7 @@ jobs:
 
       - name: Upload Image Artifact
         if: github.event_name == 'pull_request'
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: pr-image-${{ github.event.pull_request.number }}
           path: /tmp/charon-pr-image.tar
@@ -650,7 +650,7 @@ jobs:
 
       - name: Upload Artifacts
         if: always()
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: supply-chain-pr-${{ github.event.pull_request.number }}
           path: |
diff --git a/.github/workflows/supply-chain-verify.yml b/.github/workflows/supply-chain-verify.yml
index 1790ed2e..230b9419 100644
--- a/.github/workflows/supply-chain-verify.yml
+++ b/.github/workflows/supply-chain-verify.yml
@@ -154,7 +154,7 @@ jobs:
 
       - name: Upload SBOM Artifact
         if: steps.image-check.outputs.exists == 'true' && always()
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           name: sbom-${{ steps.tag.outputs.tag }}
           path: sbom-generated.json
@@ -326,7 +326,7 @@ jobs:
 
       - name: Upload Vulnerability Scan Artifact
         if: steps.validate-sbom.outputs.valid == 'true' && always()
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4.6.2
         with:
           name: vulnerability-scan-${{ steps.tag.outputs.tag }}
           path: |