diff --git a/.github/workflows/build-arch-toolbox.yml b/.github/workflows/build-arch-toolbox.yml
index 0ac72613..a08f4a99 100644
--- a/.github/workflows/build-arch-toolbox.yml
+++ b/.github/workflows/build-arch-toolbox.yml
@@ -132,7 +132,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-blincusui-app.yml b/.github/workflows/build-blincusui-app.yml
index ff859541..4b57227a 100644
--- a/.github/workflows/build-blincusui-app.yml
+++ b/.github/workflows/build-blincusui-app.yml
@@ -91,7 +91,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-debian-toolbox.yml b/.github/workflows/build-debian-toolbox.yml
index a40a9167..4077d1e5 100644
--- a/.github/workflows/build-debian-toolbox.yml
+++ b/.github/workflows/build-debian-toolbox.yml
@@ -99,7 +99,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-docker-app.yml b/.github/workflows/build-docker-app.yml
index 837fbcd2..74a530aa 100644
--- a/.github/workflows/build-docker-app.yml
+++ b/.github/workflows/build-docker-app.yml
@@ -76,7 +76,7 @@ jobs:
           tags: ${{  steps.meta.outputs.tags  }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-fedora-toolbox.yml b/.github/workflows/build-fedora-toolbox.yml
index 1bdb8958..9527a635 100644
--- a/.github/workflows/build-fedora-toolbox.yml
+++ b/.github/workflows/build-fedora-toolbox.yml
@@ -97,7 +97,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-incus-app.yml b/.github/workflows/build-incus-app.yml
index b7733bab..dac4d50b 100644
--- a/.github/workflows/build-incus-app.yml
+++ b/.github/workflows/build-incus-app.yml
@@ -92,7 +92,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-steambox.yml b/.github/workflows/build-steambox.yml
index 6002c00b..36dcfcc2 100644
--- a/.github/workflows/build-steambox.yml
+++ b/.github/workflows/build-steambox.yml
@@ -135,7 +135,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-ubuntu-toolbox.yml b/.github/workflows/build-ubuntu-toolbox.yml
index c0f7c1e8..e6a9aaaa 100644
--- a/.github/workflows/build-ubuntu-toolbox.yml
+++ b/.github/workflows/build-ubuntu-toolbox.yml
@@ -101,7 +101,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"
diff --git a/.github/workflows/build-wolfi-toolbox.yml b/.github/workflows/build-wolfi-toolbox.yml
index 6ef33b4f..0f20963b 100644
--- a/.github/workflows/build-wolfi-toolbox.yml
+++ b/.github/workflows/build-wolfi-toolbox.yml
@@ -101,7 +101,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
+      - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
         if: github.event_name != 'pull_request'
         with:
           cosign-release: "v2.6.1"