diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f97a671a77..4439780a87 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -313,7 +313,7 @@ jobs:
             NGINX_CONF_DIR=internal/mode/static/nginx/conf
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # 0.14.0
+        uses: aquasecurity/trivy-action@22d2755f774d925b191a185b74e782a4b0638a41 # 0.15.0
         continue-on-error: true
         with:
           image-ref: ghcr.io/nginxinc/nginx-gateway-fabric${{ matrix.container == 'nginx' && '/nginx' || '' }}:${{ steps.meta.outputs.version }}
diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml
index 2792e6f791..663e8a4546 100644
--- a/.github/workflows/update-docker-images.yml
+++ b/.github/workflows/update-docker-images.yml
@@ -123,7 +123,7 @@ jobs:
             NGINX_CONF_DIR=internal/mode/static/nginx/conf
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # 0.14.0
+        uses: aquasecurity/trivy-action@22d2755f774d925b191a185b74e782a4b0638a41 # 0.15.0
         continue-on-error: true
         with:
           image-ref: ghcr.io/nginxinc/nginx-gateway-fabric/nginx:${{ needs.variables.outputs.ngf_tag }}