diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 25a834576..2e856acdb 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -37,14 +37,14 @@ jobs:
 
       - name: Cache Trivy vulnerability database
         if: ${{ steps.db_download.outcome == 'success' }}
-        uses: actions/cache/save@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+        uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: /home/runner/vuln-cache
           key: trivy-cache-${{ github.run_id }}
 
       - name: Use previously downloaded database instead
         if: ${{ steps.db_download.outcome == 'failure' }}
-        uses: actions/cache/restore@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+        uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: /home/runner/vuln-cache
           key: download-failed # Use a non existing key to fallback to restore-keys
@@ -90,7 +90,7 @@ jobs:
         uses: canonical/lxd/.github/actions/install-trivy@main
 
       - name: Restore cached Trivy vulnerability database
-        uses: actions/cache/restore@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+        uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: /home/runner/vuln-cache
           key: download-failed # Use a non existing key to fallback to restore-keys