diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index bad855c9..fc213946 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -21,7 +21,7 @@ jobs:
       - uses: actions/checkout@v6
 
       - name: Run Trivy filesystem scan
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           scan-type: 'fs'
           scan-ref: '.'
@@ -30,7 +30,7 @@ jobs:
           format: 'table'
 
       - name: Run Trivy filesystem scan (SARIF)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.35.0
         if: always()
         with:
           scan-type: 'fs'
@@ -60,7 +60,7 @@ jobs:
           docker build -f Dockerfile.worker.gpu -t vlog-worker:scan .
 
       - name: Run Trivy image scan
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           image-ref: 'vlog-worker:scan'
           severity: 'CRITICAL,HIGH'
@@ -69,7 +69,7 @@ jobs:
           trivyignores: '.trivyignore'
 
       - name: Run Trivy image scan (SARIF)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.35.0
         if: always()
         with:
           image-ref: 'vlog-worker:scan'